Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1C5B21070529E6CBB0142E087E9047B0E7AC641FEBF7B4B4616E05E6FB9F2874CA19315 |
|
CONTENT
ssdeep
|
384:bEfzGtU7Dg2COpfuJajICNCPgilmxhcSgfjksibcSaBj2sxiXH4y/7:qzW29pfFjIH4cSOIJcSsizRj |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
eca89b43ec42ecac |
|
VISUAL
aHash
|
ffcf93f3f30000ff |
|
VISUAL
dHash
|
233e262626c6dc0c |
|
VISUAL
wHash
|
fd8f83d3f30000e7 |
|
VISUAL
colorHash
|
06000040006 |
|
VISUAL
cropResistant
|
333b3626262626e6,000000003a4d0c26,dcc9f0e9f015d85b,0b5434d4d4d4344b |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 624 techniques to evade detection by security scanners and make reverse engineering more difficult.