Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1552245107040AC37C0C786D9A6B19BAB71F68305C9971285F6F8D3FD4BEBDA8EE22055 |
|
CONTENT
ssdeep
|
192:qtOrhNfOFrZ+wk1YtscjP3k1AgdBpXc3jk9S:3v2Fd+wMYfjs1AgdBpXc3jYS |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bcc912ed1ab03ccd |
|
VISUAL
aHash
|
00ffffdfffc3ff00 |
|
VISUAL
dHash
|
1820343e32262c2d |
|
VISUAL
wHash
|
0000dfdfdf83ff00 |
|
VISUAL
colorHash
|
07000000038 |
|
VISUAL
cropResistant
|
1828343e32262c2d,122d0d69696d0d12 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain