Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18212C63532952BF543D70AF5F27647EAE370CE58C323969872F8822E2FD5D828712A54 |
|
CONTENT
ssdeep
|
96:TnbzXC58kYIwYi6xtBcZOWWU+o+dWMvttPD9HDGnDN/ETfovgwg7fswMdKwaj3um:rCeKwx6PCp9Ott9gfAMd03jr8sq3iD |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
a5388d52e7ce8ea2 |
|
VISUAL
aHash
|
ffc3c3c3c3ffc3ff |
|
VISUAL
dHash
|
26968e8e4c320607 |
|
VISUAL
wHash
|
ff81c1c3c300c3fb |
|
VISUAL
colorHash
|
07000000780 |
|
VISUAL
cropResistant
|
26968e8e4c320607 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 6 techniques to evade detection by security scanners and make reverse engineering more difficult.