Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17D81BCA05215A93F21F3C2D2EB65677B22E1868BDF47120512FE83B84FE5D88ED13459 |
|
CONTENT
ssdeep
|
48:TRGjQVTv6J4UA7mP/lptL4BlwgE7Maa1knSu+Q6Uu6:Tgim4TKP/pLEI7MhL3Kb |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
93666c96c765929c |
|
VISUAL
aHash
|
66206c6c3e0e0206 |
|
VISUAL
dHash
|
c489c8c8e87816dc |
|
VISUAL
wHash
|
66e0ec6e3e0f070e |
|
VISUAL
colorHash
|
381c9000000 |
|
VISUAL
cropResistant
|
8008148606100080,c489c8c8e87816dc |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 34 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)