Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1E9B11460D085A62F2BC347C0FA112F1D668292C8D4561D0467E947FE3F9BE6BD84F8B6 |
|
CONTENT
ssdeep
|
96:Xqr9ckup9poQ66zEUjHcQU0UOD8U0UOD8U0UOD8U0UODctvMk:6r9ckup9poQ66zjLtX |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cd7a201a9fa57a85 |
|
VISUAL
aHash
|
00e0f0ffbc007313 |
|
VISUAL
dHash
|
100001606021c6b6 |
|
VISUAL
wHash
|
00e0f0ffbf807353 |
|
VISUAL
colorHash
|
1b403000000 |
|
VISUAL
cropResistant
|
0812301040408280,8b933322b1316b7b,f0f0b4b633b1f43c,100001606021c6b6 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.