Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B7F44858543E2615840423DC8BBE71B3409CA2DAF869069E340D0769EF2F79B3FB6D9D |
|
CONTENT
ssdeep
|
768:Z0X1bC9dgzPuBCHzcggTd7aZfzwNxm3ZskLiKQ6wyBzmqrvl:Z4C9dgzPuBCHzcggpazwNWsQi56DzmG |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9c1866632bac6be3 |
|
VISUAL
aHash
|
011e1f1a1c3cbd18 |
|
VISUAL
dHash
|
33b0b23270606060 |
|
VISUAL
wHash
|
011c1e1fff7c3c18 |
|
VISUAL
colorHash
|
33000000e01 |
|
VISUAL
cropResistant
|
1812726a6a727379,33b0b23270606060 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 3 techniques to evade detection by security scanners and make reverse engineering more difficult.