Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1C981FCB0F167A53B5093C6D4F6E56FAAF2C1424FCBAB020682FE83D54BA6D95DC06016 |
|
CONTENT
ssdeep
|
48:BtNmTNMYO++O04uB7bAAaZ7Zj0IkqpFRDMk+XIBpu1nK5a/W+hWjtT9akQs:BN+ZuVblCB0I7MkRuZKYe |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e9e1b6948d636349 |
|
VISUAL
aHash
|
ffffe1d918000000 |
|
VISUAL
dHash
|
c4031393b30821e1 |
|
VISUAL
wHash
|
fffff9f159000010 |
|
VISUAL
colorHash
|
30007000080 |
|
VISUAL
cropResistant
|
feff3774de5ffffe,c4031393b30821e1 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 15 techniques to evade detection by security scanners and make reverse engineering more difficult.