Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17783216C5144883281CF58C7E579764E91AFC200C2266A85AFA073D73F86E59CB17FEE |
|
CONTENT
ssdeep
|
1536:dspLp/f6G+Ny92m7s7o7A737baXk0ie92uenueR:KJ8y92cr92pX |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b8956cae47e94c91 |
|
VISUAL
aHash
|
030f9fffffd1c100 |
|
VISUAL
dHash
|
561e3a9a9cab3ba5 |
|
VISUAL
wHash
|
030e0fffffc1c900 |
|
VISUAL
colorHash
|
06007000000 |
|
VISUAL
cropResistant
|
561e3a9a9cab3ba5,54475b5b33735d43,0e9e9e8604080000 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.