Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10253C9AC51444432914F48D7D93D724EE28FC14086266E956FA073CB7F8AE958B0AFFE |
|
CONTENT
ssdeep
|
768:5d1H0JJgzw3sO0OgChueDi++a7Km7KW7KK7Ku7Kcuo1uaFxqrRe+tdsK2GCOS6eD:RzO0OtoeDita7p7F7V7B7/B/D |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b99560ea42ea4f9a |
|
VISUAL
aHash
|
b10f9fdfdfd3df00 |
|
VISUAL
dHash
|
2d1e383a1c2b3b2b |
|
VISUAL
wHash
|
810f8fdf8fc3cd00 |
|
VISUAL
colorHash
|
0e207000000 |
|
VISUAL
cropResistant
|
691e383a1c3a2b3b,23232b3b1b2de662 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.