Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T102F3D6CC2B706CD549C88BCFBF12B5AD6823A4FA99928C94D05C4F5D24D2D6CBE4AD43 |
|
CONTENT
ssdeep
|
1536:6fvsDLrAzSItEEEgFOf7cadUQjByQtTZzIZSczPwKufpxVfPGrq+c6q7dXlhR1/r:6GbDbHX55 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ce03f683c693c593 |
|
VISUAL
aHash
|
7e0000181898e0f0 |
|
VISUAL
dHash
|
e08f777169700000 |
|
VISUAL
wHash
|
ff01013d38f8f8f0 |
|
VISUAL
colorHash
|
38000000e00 |
|
VISUAL
cropResistant
|
8200c4d0c8c00082,79797979393c3c3e,e08f777169700000 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 14 techniques to evade detection by security scanners and make reverse engineering more difficult.