Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D923A43922513D3EA6578BF9F7A2737815DEE20DC317CA58E3BC06715BC6C84AA23250 |
|
CONTENT
ssdeep
|
768:vYtCoZhUTG9/Q8K0aA5Z7KYJSLhKfhX15342KmmyIaiGIamWsIB+NvvkaNcFK:VozUSBzZLIkgc0 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ceb00631e6b3ce9a |
|
VISUAL
aHash
|
07f3ffff40000030 |
|
VISUAL
dHash
|
8ca6e08a86705864 |
|
VISUAL
wHash
|
47efffff40300030 |
|
VISUAL
colorHash
|
380000300c0 |
|
VISUAL
cropResistant
|
8ca6e08a86705864 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 218 techniques to evade detection by security scanners and make reverse engineering more difficult.