Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T13C41D13611086C3E52838294D771337F32969255DE4762109AE5537CDF92D8AFC73598 |
|
CONTENT
ssdeep
|
24:hR/OupOJL+RduB2xJ2Ahllj3Zq5BXhmoFwl8dj2jhllTllXlTl8dj2jhlln9K4Ky:TGupBg5VhmoFxMlsqCA |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9c5c73f6cb788822 |
|
VISUAL
aHash
|
819b1b1b1f1f0707 |
|
VISUAL
dHash
|
2d36b7b2b2b0954f |
|
VISUAL
wHash
|
c38b1b1b1f1f0707 |
|
VISUAL
colorHash
|
38001000e00 |
|
VISUAL
cropResistant
|
2d36b7b2b2b0954f |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain