Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T158A135E5A36258270AB7C3D2AE555B7F32D5D30ADD86458002FCC3A99F8AC84FC4754E |
|
CONTENT
ssdeep
|
96:nycPB2ygg9zg9whmf3f0ScFKjwprsFkgmkKGPBhfi:ycPBguzu0mf3f0bKMprsFkgBKGhq |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8c98e6a3cea6a3e2 |
|
VISUAL
aHash
|
ff18181818180018 |
|
VISUAL
dHash
|
693132b232332b21 |
|
VISUAL
wHash
|
ff181818181bdff8 |
|
VISUAL
colorHash
|
38000038000 |
|
VISUAL
cropResistant
|
693132b232332b21 |
Fake Bitcoin Hyper site positioned to capture victims through SEO tactics, typosquatting, or paid advertising. Serves as entry point for multi-stage attacks including credential theft and malware distribution.
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.