Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1C762D63075E5BC7B013BD2D96BE5779A72D2E359E52A0910D3F85B6D4BC8EE0B883201 |
|
CONTENT
ssdeep
|
384:BLhKL6HLjgfQQmhVSSfVfA3kdZsxpZbMVmwO:BLhKL6HLjgYnVrVEkdZsLZbMV5O |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b38ccc3393cc3333 |
|
VISUAL
aHash
|
ffffe7fdedc3ffef |
|
VISUAL
dHash
|
00104828494e3008 |
|
VISUAL
wHash
|
c0c0e4c4efc3c3c3 |
|
VISUAL
colorHash
|
07e00000000 |
|
VISUAL
cropResistant
|
00104828494e3008 |
Fake Huangguan (Crown Sports) page designed to appear in search results and trick users into visiting. May redirect to credential harvesting pages, malware downloads, or serve as a trust-building step before requesting sensitive information.
Malicious code is obfuscated using 3 techniques to evade detection by security scanners and make reverse engineering more difficult.