Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18381113191581D7D261B4BC8E639336A31EB9689FB0A20143AFD13B05AC7DADDD73094 |
|
CONTENT
ssdeep
|
48:TU9q4mSud5LeBMFpdWwsd1e1Pl1Pgz2i93SEgVgGF706v7bipaxhHe8rSA4ie14d:TU/ONnWrePogqGFl7biehHU1ubo5S |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b39c9c333626999c |
|
VISUAL
aHash
|
ffffffe7e7efe7ff |
|
VISUAL
dHash
|
205a224d4d484c31 |
|
VISUAL
wHash
|
ffffffe7000000a0 |
|
VISUAL
colorHash
|
070000101c0 |
|
VISUAL
cropResistant
|
205a224d4d484c31,4161416549313369 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 4 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 10 other scans for this domain