Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T11631EEB28091A83B435382C9BEAAE72F67D3819CCE43090053F863DE0FE6D10CD91109 |
|
CONTENT
ssdeep
|
24:hjBuNYPO00TvVOQPUxIpKc42xIw/vd91xyyu/3MvDCF7wvVtc+b9Q/Oz9PRctbA4:FBu6PNXxCKc42x7l9opwNuqSsox |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
91986a6227d6ec6d |
|
VISUAL
aHash
|
445e5e4e0e4e2400 |
|
VISUAL
dHash
|
9cb8b0dc9a9cccf4 |
|
VISUAL
wHash
|
4c5e5e7e5e4e2c08 |
|
VISUAL
colorHash
|
380012000c0 |
|
VISUAL
cropResistant
|
400be0d0cc239f1d,9cb8b0dc9a9cccf4 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.