Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12DB276755504EF3F309382E0DB3133EE72AA6185D60A1704E2FD4BB99B89C86EC37694 |
|
CONTENT
ssdeep
|
192:mTELT7f2YlYcx7FXnL1jGnj+I2mj4AkGQKBjOTjk+JcNjWbyhHNBh/dGt6Lv03V9:rLT7eYrtQ5Yc3Dh0cLcUUEpOK3bTr0h |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
80871f8f647c8ff0 |
|
VISUAL
aHash
|
3f7ffff7e73f0000 |
|
VISUAL
dHash
|
e8c4f28686f1f502 |
|
VISUAL
wHash
|
3f3fffe7e7000000 |
|
VISUAL
colorHash
|
0f078000200 |
|
VISUAL
cropResistant
|
e8e0d4b28e86d6e0,1b088ccecec6c6d8,8686f1e4f5d92290,cec6cece4edd442e |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 20 techniques to evade detection by security scanners and make reverse engineering more difficult.