Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T179A12FB09164AD3B64E3C2E1D7646BBB32E0820BDB5313515BFD839E4BCAD96DC220C5 |
|
CONTENT
ssdeep
|
48:TEk3v++YmZZeaIVv88V18V58Vv9F3h7QulR18b44k2Ocy4cFfB9eMXF8fSlbLwQ:T53LIi8/8j8p3yYYqPB7XMKbLwQ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
92b26d3c92b66c6c |
|
VISUAL
aHash
|
067c340e0c303030 |
|
VISUAL
dHash
|
d4c9cc6d48626060 |
|
VISUAL
wHash
|
2e7c3c3e3c3c3838 |
|
VISUAL
colorHash
|
38e00000000 |
|
VISUAL
cropResistant
|
8205124d4d4c3004,d4c9cc6d48626060 |
Generic phishing page with unclear attack methodology. May use social engineering, brand impersonation, or other tactics to deceive victims.
Malicious code is obfuscated using 3 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)