Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T138E1E9335102EC2E5F25C2C9EF4B3B29D19B56C7EB330A22DDC9131A96A4D85C4722ED |
|
CONTENT
ssdeep
|
192:RPOANHSbSWScbD8Oi3R6w0rpBk8Anlj6e:RG4HKSW3D8OO6/Aj6e |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cf6618669992cb66 |
|
VISUAL
aHash
|
30303c3c30303c3c |
|
VISUAL
dHash
|
6866617166606970 |
|
VISUAL
wHash
|
30383c3c383c3cff |
|
VISUAL
colorHash
|
380020001c0 |
|
VISUAL
cropResistant
|
6866617166606970 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.