Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T188E1A52539447ABB83C742B6F736A7EC32D68063C02B8B4822F5C15CA7E6D96CD10797 |
|
CONTENT
ssdeep
|
192:ndMisF8RKzDTL6kk6IHrqu3lPG2D+y2Gx7DdZk91:ndM6ADnQT3lPG2Ky2Gx7DdZk91 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e949b317a4c243eb |
|
VISUAL
aHash
|
000000000000ffff |
|
VISUAL
dHash
|
1812c3a693121e14 |
|
VISUAL
wHash
|
ce88f0d0000affff |
|
VISUAL
colorHash
|
09000c00040 |
|
VISUAL
cropResistant
|
0500969618988696,181213c3a6931218 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 6 techniques to evade detection by security scanners and make reverse engineering more difficult.