PHP Malware Analysis

Back to list

Tags

URLs
https://i.ibb.co/KsDrKL5/anjg.png
https://i.ibb.co/KsDrKL5/anjg.png
https://fonts.googleapis.com/css?family=Almendra+Display|Almendra+SC|Piedra&
https://fonts.googleapis.com/css2?family=Modak&
https://i.ibb.co/KsDrKL5/anjg.png
https://k.top4top.io/m_1951z17f16.mp3
Title
Hacked By Nariozon

Deobfuscated code

<!DOCTYPE HTML>
<html lang="en">
  <head>
    <!-- Request MetaTags -->
    <meta charset="UTF-8">
    <title>Hacked By Nariozon</title>
  <meta name="description" content="Menanti Hingga Tak Ujung Kembali">
  <meta name=googlebot content="all,index,follow">
  <meta name=allow-search content=yes>
  <meta name=audience content=all> 
  <meta name=copyright content="Copyright ;copy A99+ Team"> 
  <meta property="og:title" content="Hacked By Nariozon"> 
  <meta property="og:image" content="https://i.ibb.co/KsDrKL5/anjg.png">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="icon" href="https://i.ibb.co/KsDrKL5/anjg.png">
    <!-- Special Google Font -->
    <link href="https://fonts.googleapis.com/css?family=Almendra+Display|Almendra+SC|Piedra&amp;display=swap" rel="stylesheet">
    <link href="https://fonts.googleapis.com/css2?family=Modak&amp;family=Rowdies&amp;display=swap" rel="stylesheet"> 
  </head>
  <!-- Main Style -->
  <style type="text/css">
    * {
      margin: 0;
      padding: 0;
      box-sizing: border-box;
    }
    body {
      background-color: #000000;
      background-size:600px;
      background-repeat: no-repeat;
      background-position: top;
      background-attachment: fixed;
      text-align: center;
    }
    .container {
      margin-top: 35%;
    }
    img {
      width: 250px;
      height: 250px;
      border: 1px solid #8892b0;
      border-radius: 3px;
      background: transparent;
      color: #8892b0;
      box-shadow: 4px 4px 4px #000;
      margin: 5px;
      background-color:rgba(00,000,000,0.8);
    }
    h1 {
      color: #E00D00;
      font-family: "Almendra sc";
      padding: 20px;
    }
    h1 span {
      color: #FFFFFF;
    }
    h2 {
      color: #FF0C00;
      font-family: "Almendra sc";
      padding: 10px;
    }
    h2 span {
      color: #8892b0;
    }
    .pesan {
      color: ;#FF0008
      font-family: 'Rawdies', cursive;
      text-shadow: 1px 1px 2px #e6f1ff;
      font-weight: 600;
      border: 2px solid #f50a0a;
      border-radius: 3px;
      box-shadow: 3px 3px 3px #FFFFFF;
      margin: 3px;
      background-color:rgba(000,000,000,0.8);
    }
    .pesan span {
      color: #FF0200;
    }
    .btn {
      border: 1px solid #f50a0a;
      padding: 5px;
      border-radius: 3px;
      background: transparent;
      color: #e6f1ff;
      font-weight: 800;
      box-shadow: 2px 2px 1px #e6f1ff;
      cursor: pointer;
    }
    .btn:hover {
      background: #000000;
      color: ;#f50a0a
      border: 1px solid #fff;
      box-shadow: 2px 2px 1px #5e5e5e;
      border-radius: 3px;
    }
    p {
      color: #f50a0a;
    }
    .thanks {
      color: #FF000B;
      font-weight: 800;
      border: 1px solid #fff;
      border-radius: 3px;
      font-family: "Almendra SC";
      margin: 5px;
      text-shadow: 1px 2px 2px #000;
    }
    .thanks span {
      color: #FFFFFF;
    }
    .footer {
      color: #FFFFFF;
      font-family: "Almendra SC";
      font-size: 1em;
      font-weight: 600;
      padding: 20px;
      text-shadow: 1px 1px 2px #000;
    }
    .footer span {
      color: #FFFFFF;
    }
  </style>
  <script>function play(){ var audio = document.getElementById("lagu"); audio.play();}function pause(){ var audio = document.getElementById("lagu"); audio.pause();}</script>

  <!-- Main Container -->
  <body>
<script>
document.getElementById('autoplay').play();
</script>
    <div class="container">
<img src="https://i.ibb.co/KsDrKL5/anjg.png" alt="love">
      <h1>Hacked by <span>Nariozon</span></h1>
      <marquee width="50%" scrollamount="40" direction="left"><font style="color:red;">___________________________</font></marquee>
      <h2>.::[<span> invisible-TeA </span>]::.</h2>
      <marquee width="50%" scrollamount="40" direction="right"><font style="color:white">___________________________</font></marquee>
      <h2 class="pesan">Tatap masa depanmu karena disanalah impian Kesalahan adil pengalaman hidup,<br>Belajarlah darinya. jangan mencoba tuk menjadi sempurna. Cobalah menjadi teladan bagi sesama Hidup terlalu singkat jika hanya menyesal. <br>Hidup hanya sekali, namun jika digunakan dengan baik, sekali saja cukup!<br><marquee width="50%" scrollamount="40" direction="right"><font style="color:white">____________</font></marquee><marquee width="50%" scrollamount="40" direction="left"><font style="color:white">___________</font></marquee><br></h2>
      <h2><br><font size="5px" face="Aleo"><font color="white"><b>.: GreetZ :.</b></font><br><font color="red" size="3px">[</font><marquee behavior="alternate" scrollamount="15%" width="70%"><font size="3px" face="Aleo"><b> <font color="red">Nariozon</font><b> - DENNIS.ID - Choirul Anam ID - DayatSee7 - L4N4N9_4K1R4 -  Anon7 - /Rayzky_./meicookies - exa_gans77 - VenoRyan - MR.HAGAN_4040CR4ZY - PohonSagu - ./s3nt1n3L - DemonArmy - FarisGanss - KosameAmegai - CompuByte - B3bek_Gans - Mr.Froggy  - K4TSUY4-GH05T - Malaikat Hati<font color="red" size="3px"> ] </font></b></marquee><font color="red" size="3px">]</font></h2>
      <h2>.::[ <span>What This Security</span> ]::.</h2>
      <marquee width="50%" scrollamount="120" direction="left"><font style="color:red;">___________________________</font></marquee>
      <h2 class="thanks"><button class="btn" onclick="play()"><font size="3">Play Music</font> </button>&nbsp;&nbsp;<button class="btn" onclick="pause()"><font size="3">Pause Music</font></button>&nbsp;&nbsp; <audio id="lagu" src="https://k.top4top.io/m_1951z17f16.mp3"></audio><br></h2>
      <marquee width="50%" scrollamount="120" direction="right"><font style="color:white;">___________________________</font></marquee>
      <p class="footer"> © <span></span> <font style="color:red;">99+Sec<font style="color:white;">Team.inc</p>
    </div>
  </body>
</html>


Original code

<!DOCTYPE HTML>
<html lang="en">
  <head>
    <!-- Request MetaTags -->
    <meta charset="UTF-8">
    <title>Hacked By Nariozon</title>
  <meta name="description" content="Menanti Hingga Tak Ujung Kembali">
  <meta name=googlebot content="all,index,follow">
  <meta name=allow-search content=yes>
  <meta name=audience content=all> 
  <meta name=copyright content="Copyright ;copy A99+ Team"> 
  <meta property="og:title" content="Hacked By Nariozon"> 
  <meta property="og:image" content="https://i.ibb.co/KsDrKL5/anjg.png">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="icon" href="https://i.ibb.co/KsDrKL5/anjg.png">
    <!-- Special Google Font -->
    <link href="https://fonts.googleapis.com/css?family=Almendra+Display|Almendra+SC|Piedra&amp;display=swap" rel="stylesheet">
    <link href="https://fonts.googleapis.com/css2?family=Modak&amp;family=Rowdies&amp;display=swap" rel="stylesheet"> 
  </head>
  <!-- Main Style -->
  <style type="text/css">
    * {
      margin: 0;
      padding: 0;
      box-sizing: border-box;
    }
    body {
      background-color: #000000;
      background-size:600px;
      background-repeat: no-repeat;
      background-position: top;
      background-attachment: fixed;
      text-align: center;
    }
    .container {
      margin-top: 35%;
    }
    img {
      width: 250px;
      height: 250px;
      border: 1px solid #8892b0;
      border-radius: 3px;
      background: transparent;
      color: #8892b0;
      box-shadow: 4px 4px 4px #000;
      margin: 5px;
      background-color:rgba(00,000,000,0.8);
    }
    h1 {
      color: #E00D00;
      font-family: "Almendra sc";
      padding: 20px;
    }
    h1 span {
      color: #FFFFFF;
    }
    h2 {
      color: #FF0C00;
      font-family: "Almendra sc";
      padding: 10px;
    }
    h2 span {
      color: #8892b0;
    }
    .pesan {
      color: ;#FF0008
      font-family: 'Rawdies', cursive;
      text-shadow: 1px 1px 2px #e6f1ff;
      font-weight: 600;
      border: 2px solid #f50a0a;
      border-radius: 3px;
      box-shadow: 3px 3px 3px #FFFFFF;
      margin: 3px;
      background-color:rgba(000,000,000,0.8);
    }
    .pesan span {
      color: #FF0200;
    }
    .btn {
      border: 1px solid #f50a0a;
      padding: 5px;
      border-radius: 3px;
      background: transparent;
      color: #e6f1ff;
      font-weight: 800;
      box-shadow: 2px 2px 1px #e6f1ff;
      cursor: pointer;
    }
    .btn:hover {
      background: #000000;
      color: ;#f50a0a
      border: 1px solid #fff;
      box-shadow: 2px 2px 1px #5e5e5e;
      border-radius: 3px;
    }
    p {
      color: #f50a0a;
    }
    .thanks {
      color: #FF000B;
      font-weight: 800;
      border: 1px solid #fff;
      border-radius: 3px;
      font-family: "Almendra SC";
      margin: 5px;
      text-shadow: 1px 2px 2px #000;
    }
    .thanks span {
      color: #FFFFFF;
    }
    .footer {
      color: #FFFFFF;
      font-family: "Almendra SC";
      font-size: 1em;
      font-weight: 600;
      padding: 20px;
      text-shadow: 1px 1px 2px #000;
    }
    .footer span {
      color: #FFFFFF;
    }
  </style>
  <script>function play(){ var audio = document.getElementById("lagu"); audio.play();}function pause(){ var audio = document.getElementById("lagu"); audio.pause();}</script>

  <!-- Main Container -->
  <body>
<script>
document.getElementById('autoplay').play();
</script>
    <div class="container">
<img src="https://i.ibb.co/KsDrKL5/anjg.png" alt="love">
      <h1>Hacked by <span>Nariozon</span></h1>
      <marquee width="50%" scrollamount="40" direction="left"><font style="color:red;">___________________________</font></marquee>
      <h2>.::[<span> invisible-TeA </span>]::.</h2>
      <marquee width="50%" scrollamount="40" direction="right"><font style="color:white">___________________________</font></marquee>
      <h2 class="pesan">Tatap masa depanmu karena disanalah impian Kesalahan adil pengalaman hidup,<br>Belajarlah darinya. jangan mencoba tuk menjadi sempurna. Cobalah menjadi teladan bagi sesama Hidup terlalu singkat jika hanya menyesal. <br>Hidup hanya sekali, namun jika digunakan dengan baik, sekali saja cukup!<br><marquee width="50%" scrollamount="40" direction="right"><font style="color:white">____________</font></marquee><marquee width="50%" scrollamount="40" direction="left"><font style="color:white">___________</font></marquee><br></h2>
      <h2><br><font size="5px" face="Aleo"><font color="white"><b>.: GreetZ :.</b></font><br><font color="red" size="3px">[</font><marquee behavior="alternate" scrollamount="15%" width="70%"><font size="3px" face="Aleo"><b> <font color="red">Nariozon</font><b> - DENNIS.ID - Choirul Anam ID - DayatSee7 - L4N4N9_4K1R4 -  Anon7 - /Rayzky_./meicookies - exa_gans77 - VenoRyan - MR.HAGAN_4040CR4ZY - PohonSagu - ./s3nt1n3L - DemonArmy - FarisGanss - KosameAmegai - CompuByte - B3bek_Gans - Mr.Froggy  - K4TSUY4-GH05T - Malaikat Hati<font color="red" size="3px"> ] </font></b></marquee><font color="red" size="3px">]</font></h2>
      <h2>.::[ <span>What This Security</span> ]::.</h2>
      <marquee width="50%" scrollamount="120" direction="left"><font style="color:red;">___________________________</font></marquee>
      <h2 class="thanks"><button class="btn" onclick="play()"><font size="3">Play Music</font> </button>&nbsp;&nbsp;<button class="btn" onclick="pause()"><font size="3">Pause Music</font></button>&nbsp;&nbsp; <audio id="lagu" src="https://k.top4top.io/m_1951z17f16.mp3"></audio><br></h2>
      <marquee width="50%" scrollamount="120" direction="right"><font style="color:white;">___________________________</font></marquee>
      <p class="footer"> © <span></span> <font style="color:red;">99+Sec<font style="color:white;">Team.inc</p>
    </div>
  </body>
</html>