Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T136327030A194ED3B90C382E59235AB5F72A6D246CB47030597FD93AC8EC6DE7EC26149 |
|
CONTENT
ssdeep
|
192:OJybqK8ebmgChjN6aD2I5wLURsauYIueHe7:QybqK8ymgmjAaD2I5wLURsXue+7 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d9732626278d8967 |
|
VISUAL
aHash
|
0018181818181818 |
|
VISUAL
dHash
|
7171b0b170707169 |
|
VISUAL
wHash
|
3c3c3c3c3c3c3c3c |
|
VISUAL
colorHash
|
3a000008180 |
|
VISUAL
cropResistant
|
b0fe82aab03b2b92,7171b0b170707169 |
Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.
Malicious code is obfuscated using 3 techniques to evade detection by security scanners and make reverse engineering more difficult.