Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12E81771FB34A32240A124594689493EFD32F94FCEFB11F16E9B4C05C66861D9C6B7B8E |
|
CONTENT
ssdeep
|
48:TnlyN6zFN0mly6PmxtgS7BnLjHo3vXcx03ovUBlOF1CHeFJtdE297FzmOzjNW3zP:TgAz8NxT3VnPUvNBO1iqJ63jEPEv |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b00f0b0f3312f3f5 |
|
VISUAL
aHash
|
0000ffffffffffff |
|
VISUAL
dHash
|
f9f7109c96969c9c |
|
VISUAL
wHash
|
0000c7c7c3dfcfc7 |
|
VISUAL
colorHash
|
06007000000 |
|
VISUAL
cropResistant
|
b49e9c9696b09c9c,ffbf6969bff3ffff |
Fake Trezor site positioned to capture victims through SEO tactics, typosquatting, or paid advertising. Serves as entry point for multi-stage attacks including credential theft and malware distribution.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.