Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14E231C23EA85362512A36380F712E717E388D04DD647C75696EF832EA2CCD44DD3BB65 |
|
CONTENT
ssdeep
|
768:+JxUe2P0dvlXgk7JeIa18g+dr5x9jjQuy2ODLNZ+UiTGVh4xbztJgIATz7dFZG6K:+oPUXguJeIa1Z+drr9jjQuy2++NTGVhy |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9c63679c37164c35 |
|
VISUAL
aHash
|
0081818f9f9f9e93 |
|
VISUAL
dHash
|
a403333c34303427 |
|
VISUAL
wHash
|
0081c18f9f9f9f93 |
|
VISUAL
colorHash
|
00000000007 |
|
VISUAL
cropResistant
|
faee9ad9e461a38f,a7ada9ea2eaeae94,a403333c34303427 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 935 techniques to evade detection by security scanners and make reverse engineering more difficult.