Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T142925F6210C36F3BC087C2A0A678279D53604E9EDFF306A49DAF435BD78B965DF22149 |
|
CONTENT
ssdeep
|
384:ET/lGirWtRoY4YQLjajNJkPBdWHTOXI+3KDbXIid:cH6tRorPafoBdgd+6/XIid |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8fd2c385d885e3ca |
|
VISUAL
aHash
|
7e81819999819981 |
|
VISUAL
dHash
|
d071693333573331 |
|
VISUAL
wHash
|
ff99819999999981 |
|
VISUAL
colorHash
|
380000001c0 |
|
VISUAL
cropResistant
|
b08282a4a4800281,3371f0715573b24c,a2808943276580a2,d071693333573331 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 193216 techniques to evade detection by security scanners and make reverse engineering more difficult.