Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D35115B0D621750C410DA3E9F164579DE313936ED70304085BFF2BAAE2DDC6984668FD |
|
CONTENT
ssdeep
|
48:T5DCDsWzopDDGT+upfu85hUAxgST7B2qkz+Qupzu8mAkprk8d7e/Q:T5DCghpDDGT+KdxgSTVLkzdOwAql7gQ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ecad395a1b5213e4 |
|
VISUAL
aHash
|
00f3f0f0f0f0f000 |
|
VISUAL
dHash
|
24a6a6a4a4a484a4 |
|
VISUAL
wHash
|
c0f3f0f0f0f0f0f0 |
|
VISUAL
colorHash
|
33000e00000 |
|
VISUAL
cropResistant
|
8080808080808080,d8dcab889080ac8c,24a6a6a4a4a484a4 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.