Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12CA2433012036E7F22D7C5F1A331ABA6B284F601CA17961943F553593BCBCE5CCAAB61 |
|
CONTENT
ssdeep
|
384:tjYL+pRONnVGxYYzuRbuWMcOuP8l5bEuAsuMZbuWMebufXu03NBVMzDG2bsh6djn:t0L+pRQEoRK0FszAvMZKWKfe03cG2bsg |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cc393367892ec639 |
|
VISUAL
aHash
|
00003c3c3838003c |
|
VISUAL
dHash
|
02107070726032f0 |
|
VISUAL
wHash
|
c31c3c3c3c3c387e |
|
VISUAL
colorHash
|
38001200090 |
|
VISUAL
cropResistant
|
02107070726032f0 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 9 techniques to evade detection by security scanners and make reverse engineering more difficult.