Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DCF194B1B160E53B155BC1E05B75BBBB27F5E186C7020AB1A5FCC3B846D2C96E833984 |
|
CONTENT
ssdeep
|
96:1yyNndfknH9CwVZ4te1RlDLAfCV178TITAqRzi3la2FbDyC/6IxS:1ySIcwEtexjn80i3w21J/6L |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
dcdc233399dc0c66 |
|
VISUAL
aHash
|
003c18da3c180000 |
|
VISUAL
dHash
|
d4e8b0b2b2f1d008 |
|
VISUAL
wHash
|
407cfefeff181800 |
|
VISUAL
colorHash
|
38008200018 |
|
VISUAL
cropResistant
|
4a6b584849595757,286c662a6b6b5595,d4e8b0b2b2f1d008 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 20 techniques to evade detection by security scanners and make reverse engineering more difficult.