Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T19E92ED9021675E3E714B83C1D6B3F366B25B5281D8CEF1C441AE42E88AD3DD5ECAF285 |
|
CONTENT
ssdeep
|
384:2H+thQQRl+d+bYZrON7STSX9s/ltxRxltmh+NQltb7KAltdYxwkKB0e8u9Dqgggl:2H+thQQRl+wbYZrON7STSX9s/ltxRxl8 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
83d66d2d3896c761 |
|
VISUAL
aHash
|
1c3c7e3e2f230000 |
|
VISUAL
dHash
|
f4e8e8ecd8d7edfe |
|
VISUAL
wHash
|
3e3c7e7f2f2b0100 |
|
VISUAL
colorHash
|
10000000038 |
|
VISUAL
cropResistant
|
33b396dccc496b73,f4e8e8ecd8d7edfe |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 14 techniques to evade detection by security scanners and make reverse engineering more difficult.