Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15F525460B470983B0167C1F6F2EDA786B2E6C1C4C682928292F8F76D4FE1C54ED765D2 |
|
CONTENT
ssdeep
|
192:3i/kgma6CL+shG0drZGg0GrZG7JDxb82ihHicr7qRIU2n:3lgeAEJDxbgHicr7qRh6 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cd2f9696b46969a0 |
|
VISUAL
aHash
|
bf3e39393e787838 |
|
VISUAL
dHash
|
6564737370d2f272 |
|
VISUAL
wHash
|
bf3e383838787838 |
|
VISUAL
colorHash
|
07000e00000 |
|
VISUAL
cropResistant
|
6564737370d2f272 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 4 techniques to evade detection by security scanners and make reverse engineering more difficult.