Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B272837202A5D57B22E7C1C0A239636FB3578156CB574B05A2FDA38C37C6C89EC7A6C4 |
|
CONTENT
ssdeep
|
96:NnNGSsqiM9hb5ksn7kbKnsywEDHCkeILL+ZVZD11PscfinkzQ10EkhwBKI9X533c:fsq97HseDiGSHZD19Q10DI9RB5Q0S39 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ea6a65953239cd8c |
|
VISUAL
aHash
|
e0e0f0c1ffffffff |
|
VISUAL
dHash
|
090533292932070f |
|
VISUAL
wHash
|
80c08081ddffe7e7 |
|
VISUAL
colorHash
|
07008008080 |
|
VISUAL
cropResistant
|
090533292932070f,00814121934b6772,0000203030000000 |
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)