Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T103F217AD00FC7EBB0C4B46D0BBD6674AEBE1D718C3E6A78066F5CADD8D52E46C805241 |
|
CONTENT
ssdeep
|
768:9twt2wSGBS44tYf/f+HEcdR18kBAITBAItCr:9etV244+f/fsEIBB5B2 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bc3232c9c9cbcc9c |
|
VISUAL
aHash
|
c78787ff9f9f9f9f |
|
VISUAL
dHash
|
0c2d2e3a2a2a2a2c |
|
VISUAL
wHash
|
8783838b8b8b9b8f |
|
VISUAL
colorHash
|
07203000040 |
|
VISUAL
cropResistant
|
0c2d2e3a2a2a2a2c,222a3336347872b3,21a6a622b1a18969,29dcedf9f169d9cd |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 37 techniques to evade detection by security scanners and make reverse engineering more difficult.