Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1E0E1F662D180337747421262B25A37D6C71F14D8C7A3847C95FD8C2E279ADA89A3BDCC |
|
CONTENT
ssdeep
|
96:0IIcV5W7rv0bXy61M5Da89nVznTgZFx4eLiLQ8iZ+Ut13Jm8HAffOWzgGeSl8:0Ipg7re1b+VjCPCQQy5pgHO0ReSl8 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
dd5be466f9990884 |
|
VISUAL
aHash
|
ff0000000000ffff |
|
VISUAL
dHash
|
130730310080262b |
|
VISUAL
wHash
|
fff918000000ffff |
|
VISUAL
colorHash
|
1a600180000 |
|
VISUAL
cropResistant
|
d090920303030303,c826162060132b2b,1203043171063000 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 615 techniques to evade detection by security scanners and make reverse engineering more difficult.