Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T173E2C8B12181AC3F874782D67262EF3DEBC5938ADE23981D85FE83465BF6D91D40252C |
|
CONTENT
ssdeep
|
384:Yur5kdpiqqZnc2W6e3U/JDGYe91Ouvvdz70IjuJXKf/NExIeiXDbs:jtkdEBZq6e3UhqYUgu9GKfFExIDDA |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e56d4dc963c94961 |
|
VISUAL
aHash
|
f1c3c3e7e7ffffe7 |
|
VISUAL
dHash
|
33370e4d4d284896 |
|
VISUAL
wHash
|
81818383e7efe6c3 |
|
VISUAL
colorHash
|
07006000008 |
|
VISUAL
cropResistant
|
33370e4d4d284896,552dccc431314d65,ea8a16eb91d31726,ea8a16ea91d33726,eaaa96eaf9d71726,9bdaa6b5aececdb5,5101ccd631b20c01 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.