Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B6C2FEB422530AE563BBC6F4B7597F2578D4E3EBC50B81C895B550388E87A7CBF090A0 |
|
CONTENT
ssdeep
|
384:0TXhQw1VQj6/yPyTy+ykrT1x9udj258jcW1qJhTwfE7y2:GXhT1VqKOBS1GJ26j5kJQ+y2 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
fbc1d48cc78e90a5 |
|
VISUAL
aHash
|
ffc9c5e1a3858181 |
|
VISUAL
dHash
|
671b19494f1d1d5d |
|
VISUAL
wHash
|
ffcbc1e1e3858181 |
|
VISUAL
colorHash
|
07600008000 |
|
VISUAL
cropResistant
|
671b19494f1d1d5d,6b7a5cdcc9899892,0f3f6ecf9b31e164,8e156c654b2acbcf,b57c783870073f78,b02b6765714e59f3,4e430d2643419080 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)