Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EBC23B5FF358503EC912E1E8672F776DA11704EBCEDA4400E7A05398A876C6EC0B69B6 |
|
CONTENT
ssdeep
|
768:bneYenJXxfMHBREHzdz3JF/QxqQ2vUwXNAzwUWAyWwR2vYt4L:rSc2pbQr2vUxzwUWAnwR2vYt4L |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b1389ace65309bcd |
|
VISUAL
aHash
|
ffe7c7c3c3e7efef |
|
VISUAL
dHash
|
1e1c1e8e860e0c1e |
|
VISUAL
wHash
|
99c3c3c3c3c3c3c3 |
|
VISUAL
colorHash
|
07e00000000 |
|
VISUAL
cropResistant
|
1e1c1e8e860e0c1e,7aeaf5d393b13d1c,3654646c2e98989e |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 8 techniques to evade detection by security scanners and make reverse engineering more difficult.