Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1920342605233166B02B382C1E6F79B8D91D482A4E7A34B79F3ECC75E5ECDC48BD59122 |
|
CONTENT
ssdeep
|
768:h+BAx2Nm+bM+xQ8WpebPDhyj/Vu70zonevSwjy:h74Nm+bM+xQ8Wpep2qnwSwjy |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bad56f28159651c3 |
|
VISUAL
aHash
|
0280ee6e44818181 |
|
VISUAL
dHash
|
96494cdc9c1b2725 |
|
VISUAL
wHash
|
428dfeee4fc18381 |
|
VISUAL
colorHash
|
300000084c0 |
|
VISUAL
cropResistant
|
96494cdc9c1b2725 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 112 techniques to evade detection by security scanners and make reverse engineering more difficult.