Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15D82C8711441A83F06E793D6B6D2DB3FB2D78386C8235B4562FD872A0FD6E42CD61116 |
|
CONTENT
ssdeep
|
384:Ydb3ZSi1m51F+zUiBVvdOE5Mf54GxE+g2b5YAytRFE:qx1+uBVVToCj+9H4LE |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c394acb8f198cec3 |
|
VISUAL
aHash
|
ff027c2c60000030 |
|
VISUAL
dHash
|
d4ccc8c8c835c0c4 |
|
VISUAL
wHash
|
ff077c3c60fd0070 |
|
VISUAL
colorHash
|
38200058000 |
|
VISUAL
cropResistant
|
f0f0f0d4d4f0f0f0,d4c4c8c8c834c0c4 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain