Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T120E1BCF0D271AA37427791D260AB9F7A31E4818CC6A6150547EE83E50FFEC52F81B692 |
|
CONTENT
ssdeep
|
192:yTs2esI+JAT5RI5RUHKLRRemnbws/fBFX+dN0vOZ77D+pJwj8eN01IXmDILHmEtC:Cs3sI+eT3IDUHKVRRnEsX7XWNUq/+Twy |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c73869963c653c66 |
|
VISUAL
aHash
|
0028003c7e7e7c00 |
|
VISUAL
dHash
|
d4d066c8ccf4ccca |
|
VISUAL
wHash
|
067c107e7e7e7e00 |
|
VISUAL
colorHash
|
00000000007 |
|
VISUAL
cropResistant
|
ff3f3f3f3f3f2fff,f72f2d3f3f3f3bff,ef3f3fef3f7f6fff,ff3f3f3f2f3f36ff,df7f3fdf177f3ffe,f73f2f7f3d3f3fff,fb2f3f7f3d2f37ff,ef7f7f7f2b3f3fff,d4d066c8ccf4ccca |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 29 techniques to evade detection by security scanners and make reverse engineering more difficult.