Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17681B86183A56EA356F2C1DAB7E63206B2E9B518DA02C91D11F8034C45C2D5FFC77A19 |
|
CONTENT
ssdeep
|
48:TJKA8vY4TNC7vTNCuDTNCbTNCQTNCKalTNCfTNCXBLvq2YOv8sRIKwKxUGOTOVz+:TJ10Pk5Bj0gVYWg |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9847c63c6976f268 |
|
VISUAL
aHash
|
1f1f1f1f1f1f1f1f |
|
VISUAL
dHash
|
36b4b6b3b334b4b4 |
|
VISUAL
wHash
|
0f0f0f0f0f0f0f0f |
|
VISUAL
colorHash
|
06006400000 |
|
VISUAL
cropResistant
|
9880888c86808080,967c988071b0c0f0 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 5 techniques to evade detection by security scanners and make reverse engineering more difficult.
| ID | Português | Inglês | Trigger |
|---|---|---|---|