Virus-Total URL Scan vs SHA-256 Analysis?
My antivirus detected some malware in my browser cache while just browsing a webpage. The file was quarantined and I deleted it, however it looked like JavaScript.
As I had deleted the file and had nothing to upload, I decided to put the URL through Virus-Total instead. 4 vendors indicated it was malicious and had malware.
https://www.virustotal.com/gui/url/6d2871a345f2f2924da49e7d94ca0486f2029495c587363992eeacbcaa977aa
There is also an option to scan/analyse the URLs SHA-256 hash and this indicated 23 vendors were seeing trojans and JavaScript injections.
https://www.virustotal.com/gui/file/32de7be3385dc4f48158491c1bd68813e17c58ffa925e61cb7cd82e336b63da
Why are the results so different? Isn’t the SHA-256 just a hash of the URL name? Shouldn’t it match the original URL scan results?
Any insight would be appreciated thanks.
