Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EE82983F6704D27FD39241E66702F549B39AC04BE9C95501E3F98A0FBBD2DA0E966107 |
|
CONTENT
ssdeep
|
192:2vTvfvLj2bUZR44MBxSviefEbpeHVzT/p1wtRSl6mNZ7kjzRp0Ckxs:S2bUv44UELcbo1H/4t5mNZi |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e766cc2c9b963099 |
|
VISUAL
aHash
|
e7e3e7e7e7c3e7e7 |
|
VISUAL
dHash
|
2e0e4d4d0c44040c |
|
VISUAL
wHash
|
00e3e3e7e3e3c3c0 |
|
VISUAL
colorHash
|
070030000c0 |
|
VISUAL
cropResistant
|
2e0e4d4d0c44040c |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 624 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)