Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10E427272D444FE3B80A3C2D096B5AB1A33E5D244ED570214EBF8876D9FE2DE0ED05265 |
|
CONTENT
ssdeep
|
192:hL+EQ719xB+Y05u0y02WZrPOlMZuVHh91gZ/Zswt5ptUn0tLvqMN:Ra1hC5jv2wLOlMZ49AhswTptUn0lqMN |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b939cececc393103 |
|
VISUAL
aHash
|
dbcfcfcfffffc3ff |
|
VISUAL
dHash
|
221a9a9a20161620 |
|
VISUAL
wHash
|
d0c4c0c0c8d8c0d8 |
|
VISUAL
colorHash
|
07200030040 |
|
VISUAL
cropResistant
|
221a9a9a20161620,c9a9a88e969676ce |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 3 techniques to evade detection by security scanners and make reverse engineering more difficult.