Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T128C263B02254953EA08792D7AF7A273B33FAA6F4D9330205D7F887149F65C88EC23585 |
|
CONTENT
ssdeep
|
384:vWtqY+SAanUMU74KyZichwq/PivxR2ohkzRYXBplpp0SVVtmGK0NJHYc1RcW+MlK:gAayHytw572DRYXv/RhYwHu |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d2b22d2da19697e1 |
|
VISUAL
aHash
|
03647c6c4000607e |
|
VISUAL
dHash
|
968dcd8d966cd4d4 |
|
VISUAL
wHash
|
4f447c7e60007e7e |
|
VISUAL
colorHash
|
38038000000 |
|
VISUAL
cropResistant
|
968dcd8d966cd4d4 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 5 techniques to evade detection by security scanners and make reverse engineering more difficult.