Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17431D8D33404250BA30CEEC40A5AE31C32D4E686C3AB6669BCD611D976F7AA96117393 |
|
CONTENT
ssdeep
|
24:hrOp2Vqz7HZaRKiGu+Mr2UiYGP3xGKNjkLSBwpYGRDETB+vy63iYGP3pSgOkYtdg:MpjzTZaRKibjoB5oqwvZ3RoggOtdg |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f16cb33068f08f0f |
|
VISUAL
aHash
|
c0c02ac000ffefff |
|
VISUAL
dHash
|
9304528ab48c8cca |
|
VISUAL
wHash
|
40c0cac000ffefff |
|
VISUAL
colorHash
|
030000001c0 |
|
VISUAL
cropResistant
|
f1c0a6263ebac0f1,a1989c96969e98a1,71c88e9696c09696,71c88e9696969696,71c88e9696c09696,b4b64c8c8cceca00,b18c52528cb55e8c,018430000c118e3c |
Fake DANA page designed to appear in search results and trick users into visiting. May redirect to credential harvesting pages, malware downloads, or serve as a trust-building step before requesting sensitive information.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
| ID | Portuguese | English | Trigger |
|---|---|---|---|
Pages with identical visual appearance (based on perceptual hash)