Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T160A28475B281693310A3C3C6E37527AB72F48645DA4307419BFCA7AC0BEAC55FE27458 |
|
CONTENT
ssdeep
|
192:ZqPxE0nOA0byU+gbQFDSyiAXxbJbQFDSyiAXxbvZJdz2H7v99MVPSiA:R0BHbFD7sFD7fJdz2bVKlA |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ec93acec1341ec99 |
|
VISUAL
aHash
|
ffffff00d3d3c3c3 |
|
VISUAL
dHash
|
cc2c32dc27272727 |
|
VISUAL
wHash
|
ffc7ff00d3818181 |
|
VISUAL
colorHash
|
0f201000180 |
|
VISUAL
cropResistant
|
c0909c2c34389880,d827272727272727,201a616564640200,c7a0b2d88c8d1220,47a188386dc10365,4db0f34cc6c6d4e4 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 3 techniques to evade detection by security scanners and make reverse engineering more difficult.