Script
	
	#include <IE.au3>
	#Include <ScreenCapture.au3>
	#Include <joeboxfunc.au3>
	
	; Create a new import directory, it is automatically imported by Joe Sandbox
	$srcdir = "Z:\adddata\shoots\"
	DirCreate($srcdir)
	
	Opt("WinTitleMatchMode", 2) 
	
	_JBSetSystem("xp")
	_JBHideTools()
	
	; Navigate to e-banking page
	$oIE = _IECreate("https://www.yourbank.com/ebanking", 0, 1, 0)
	_IELoadWait($oIE, 0, 30000)
	WinSetState("Internet Explorer", "", @SW_MAXIMIZE)
	Sleep(3000)
	
	; Take a first clean screenshot 
	_ScreenCapture_Capture($srcdir & "before.jpg")
	_IEQuit($oIE)
	
	_JBStartSniffer()
	_JBLoadProvidedBin()
	
	; Wait for malware installation
	Sleep(120000)
	
	_JBStopSniffer()
	
	$oIE = _IECreate("https://www.yourbank.com/ebanking", 0, 1, 0)
	_IELoadWait($oIE, 0, 30000)
	WinSetState("Internet Explorer", "", @SW_MAXIMIZE)
	Sleep(3000)
	
	; Take a second screenshot
	_ScreenCapture_Capture($srcdir & "after.jpg")
	_IEQuit ($oIE)
	
	$diffpix = CompareImages($srcdir & "before.jpg", $srcdir & "after.jpg")
	
	; If the two shoots are different a login page modification has been found
	If $diffpix > 50 Then
		_JBComment("Found login page modification")
	Else
		FileDelete($srcdir & "before.jpg")
		FileDelete($srcdir & "after.jpg")
	EndIf

EndScript