Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1BAB21072908A6137103799CAF1B16B3DB1D7925DCE234803B7FC63EA9BC4D52998BC85 |
|
CONTENT
ssdeep
|
192:3cfcDwAx49Tg/Cq+NBeP6MbMkPdqRYqkM5crojUqa45R6EBe4E4L7lk1a9TBkG0h:3cf9TCP+feoRf5dD9TBt05QsjyXZsp |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bc6e833d6c386c31 |
|
VISUAL
aHash
|
81ffdf8183c3cfc3 |
|
VISUAL
dHash
|
0f60272b36333817 |
|
VISUAL
wHash
|
81ffcf8183818fc3 |
|
VISUAL
colorHash
|
066000c0000 |
|
VISUAL
cropResistant
|
0f60272b36333817,0040080888800000,66e424a6ecc8cae6,3ba3adac0969288c,743dac6d726a1a16 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 13 techniques to evade detection by security scanners and make reverse engineering more difficult.