Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10EC295739151B73B065392C8B729B75DF2C6908DDBCA050073ECC6099EC7EB1AD329A9 |
|
CONTENT
ssdeep
|
384:5aFea9G8Tr0C448lvKF/BJ/p/ulCOD0Ms6xCeelj2K0zn:5aFea9Br0C448sD6IOWns |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ede9929e9292ad88 |
|
VISUAL
aHash
|
fff0f1f1f19184ff |
|
VISUAL
dHash
|
289293d3d3332d02 |
|
VISUAL
wHash
|
fff0e0e0e08084ff |
|
VISUAL
colorHash
|
01000038000 |
|
VISUAL
cropResistant
|
289293d3d3332d02,a292aaaaea92a2d4,176971714d61c1d4 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.