Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A332B7363685733A47CB06F7B36B52EAA275CE54D127021CA6FC811E13B2D918B27BD4 |
|
CONTENT
ssdeep
|
192:ZFRylUPux/ww4G9k+P26zLxRqm5EA+HfBA0OX54VE8A:ZUUPut4gk+/zLxRP5QfBA0OKO |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b80b1bf1e7f13424 |
|
VISUAL
aHash
|
000000ffffffffff |
|
VISUAL
dHash
|
f9f1f71b16161e0e |
|
VISUAL
wHash
|
000000c3ffcfcfff |
|
VISUAL
colorHash
|
070000001c0 |
|
VISUAL
cropResistant
|
17130616161e1e0e,bff969f3e9f3f7ef |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 6 techniques to evade detection by security scanners and make reverse engineering more difficult.