Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T197B251B0A155AA3742A781D0E7B51B7FB3E0D288DD870690D3FDC36D1AEAC49FC62854 |
|
CONTENT
ssdeep
|
768:r8ow7IR4ZyEN1Zy1NjJmFhiX0BA8t6X4tcanxQ44Jci:rHpRkYJJmFhiX0BA8t6X4tcanxQ44V |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c5d43838c5c7c63e |
|
VISUAL
aHash
|
c0c0fc780001013f |
|
VISUAL
dHash
|
1418e0c4c6cb83f1 |
|
VISUAL
wHash
|
c0c0fc7a7a61037f |
|
VISUAL
colorHash
|
38001000180 |
|
VISUAL
cropResistant
|
979754456524e575,931266b52b545466,b73725cd1112d6c2,1418e0c4c6cb83f1 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.