Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1323271306194ED3F90C382D59235AB5F72A6D246CB87030596FD93AC8EC6DE7EC27149 |
|
CONTENT
ssdeep
|
192:OJyevqK804mgChjN6aD2I5wLURsauYIueHez:QyyqK8HmgmjAaD2I5wLURsXue+z |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d963263d8c2727cc |
|
VISUAL
aHash
|
183c383c3c1c1c18 |
|
VISUAL
dHash
|
7171e97130797171 |
|
VISUAL
wHash
|
3c3c3c3c3c3c3c3c |
|
VISUAL
colorHash
|
3a200030000 |
|
VISUAL
cropResistant
|
b2808c8a888eb2e0,7171e97130797171 |
Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.
Malicious code is obfuscated using 3 techniques to evade detection by security scanners and make reverse engineering more difficult.