Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1C972C6E53281377513878AE2B219A6F96378DEACC2331254B5FCC21C16D5D9DC72BBA0 |
|
CONTENT
ssdeep
|
384:Zmn8v+gfnBj4eNHCL1hdkgkPQPkVPB2k4CkIfO:3u6HM4VPQcJtSmO |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c963319973c99c36 |
|
VISUAL
aHash
|
2000183c3c181800 |
|
VISUAL
dHash
|
cc31306169b2324c |
|
VISUAL
wHash
|
6e3c3c3c3c3c087e |
|
VISUAL
colorHash
|
38001000e40 |
|
VISUAL
cropResistant
|
a28452032f6d92aa,cc31306169b2324c |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 6 techniques to evade detection by security scanners and make reverse engineering more difficult.