Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B2B21AB65314BEBD24130BE3B319B189F06EE50EE97A2D19EF914C73A7C0C5740BA506 |
|
CONTENT
ssdeep
|
768:i+gz+v+dod46IBQaaG64yb5q49C0wIQF6hoC:iB+/d46IBQdG64yb5/fQFOZ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e2996cccd9629966 |
|
VISUAL
aHash
|
ffe7e7e7e7e7e7e7 |
|
VISUAL
dHash
|
2b4c4c4d0d0e4d0f |
|
VISUAL
wHash
|
81a000e7e7e7e7c3 |
|
VISUAL
colorHash
|
07006000080 |
|
VISUAL
cropResistant
|
2b4c4c4d0d0e4d0f,cca4a4a5a4a2c04c |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain