Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T151C1CCB46221592B06FBC3D26F611B2F72D9A348CD8645C002FCC75DEF9AC85ED8709A |
|
CONTENT
ssdeep
|
48:nGekc3L7B22gT73wf38JyS+3PiRpH69Wub7eoZamcEXsUZzso30r9V+oVGQkZUbJ:n8cPB2gfsUS+3xhXsUVsowfykKH+Kdfa |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b831c7c6c7673831 |
|
VISUAL
aHash
|
7fcfc3cfcfcfe3ff |
|
VISUAL
dHash
|
ccb8969a9ab40e28 |
|
VISUAL
wHash
|
00c343cbc3cfc3d7 |
|
VISUAL
colorHash
|
0700a000c00 |
|
VISUAL
cropResistant
|
ccb8969a9ab40e28 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 2304 techniques to evade detection by security scanners and make reverse engineering more difficult.