Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EF52F8366081AA6A667743F67F43770A91E0A056C876061577F982DC8FD1EF0ED8322B |
|
CONTENT
ssdeep
|
192:Gjb7UdjnjBvBpTt6Iou95E4GUg5GJMQUPXjAtru1HcNRjHa2nb2:O7UTBxt6Iou95jGpwJMQU/jAU18K |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bc34336992cbcec4 |
|
VISUAL
aHash
|
ef8383ffffc1c1ff |
|
VISUAL
dHash
|
191e263834230320 |
|
VISUAL
wHash
|
af8383879f81819f |
|
VISUAL
colorHash
|
07007000000 |
|
VISUAL
cropResistant
|
191e263834230320 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.