Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17FA265B022222EBF5587C7B5F3549B6F91D49698CC27C65CB3E8C26A5FC6C97CD88210 |
|
CONTENT
ssdeep
|
384:DuuJfi9Mw+X84o3kRvsrybUjrUdbDtmtU:D5Jfi9F+X84ykRUrS8IZDtmtU |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b8f943c2381bce6c |
|
VISUAL
aHash
|
ffffdbcfcfff0000 |
|
VISUAL
dHash
|
2b86371b3700d8cd |
|
VISUAL
wHash
|
fdff818783ff0000 |
|
VISUAL
colorHash
|
07600000280 |
|
VISUAL
cropResistant
|
6bc8273b1b3726d0,0500000000000000,cc0c0c0c0e070f0f,4f2fc8c8ddcc0f0f |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 6 techniques to evade detection by security scanners and make reverse engineering more difficult.