Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1FEA22360121199B600D3C9F5F7E1B76BA2E4CB48C667C28A73E8435B6FDAC18DE94364 |
|
CONTENT
ssdeep
|
384:wI57wlLqHeK4a0eh4ROpYwAeSmv+zbZvjM+XfFwv1:f7wlLMVh4ROpYwAeSmYtg+tQ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
daa4a3cfb4584ac3 |
|
VISUAL
aHash
|
fffffc9cf8f8f8fc |
|
VISUAL
dHash
|
338c303030201108 |
|
VISUAL
wHash
|
ffffc088c8a0e0f0 |
|
VISUAL
colorHash
|
06200080003 |
|
VISUAL
cropResistant
|
338c303030201108,2323232141030307 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 6 techniques to evade detection by security scanners and make reverse engineering more difficult.