Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15AB35CE43658F2A21AF343E714AF2113B339653F581E0850A394EC9E726DC9BA067FD5 |
|
CONTENT
ssdeep
|
1536:oPHuMTkd61TVK5BWpHxh8L6R8XXhjaPnQgT+Fuytc:YTTjDmL6yXtbfO |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cb1b2c64bb19ce46 |
|
VISUAL
aHash
|
00003c2c342000ff |
|
VISUAL
dHash
|
1164687968640813 |
|
VISUAL
wHash
|
81303c3c3c3000ff |
|
VISUAL
colorHash
|
38003006000 |
|
VISUAL
cropResistant
|
1164687968640813 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 2124 techniques to evade detection by security scanners and make reverse engineering more difficult.