Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T156810371925C2C3D360B4AC9E739336A319B538AEB0B21147ABD037487C6D6EEC774A4 |
|
CONTENT
ssdeep
|
96:TUSKtNg9WnxHSegqGFlE/mehHU1ubo5MO:gXNgYkeXo2jhob2O |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b39c8c3b3626999c |
|
VISUAL
aHash
|
ffffffe7e7efe7ff |
|
VISUAL
dHash
|
205a224d4d484c31 |
|
VISUAL
wHash
|
ffffffe7000000a0 |
|
VISUAL
colorHash
|
070000001d0 |
|
VISUAL
cropResistant
|
205a224d4d484c31,616951414d31334d |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 4 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain