PHP Malware Analysis

Back to list

Tags

Encoding
base64_decode
base64_encode
URLs
https://www.facebook.com/groups/hallucyber/
https://www.facebook.com/wearenoobdefacer/
https://fonts.googleapis.com/css?family=Abel
https://fonts.googleapis.com/css?family=Lobster
http://fonts.googleapis.com/css?family=Times
https://fonts.googleapis.com/css?family=Audiowide|Space+Mono
http://fonts.googleapis.com/css?family=Wallpoet
https://fonts.googleapis.com/css?family=Gloria+Hallelujah|Permanent+Marker
https://fonts.googleapis.com/css?family=courier+new|Permanent+Marker
http://fonts.googleapis.com/css?family=Quicksand
http://fonts.googleapis.com/css?family=Orbitron
https://fonts.googleapis.com/css?family=VT323
http://fonts.googleapis.com/css?family=Iceland
http://fonts.googleapis.com/css?family=Allerta+Stencil
http://fonts.googleapis.com/css?family=Kumar+One+Outline
https://fonts.googleapis.com/css?family=Bungee+Shade|Monoton|Nova+Square
https://fonts.googleapis.com/css?family=Arvo|Electrolize|Iceberg
https://fonts.googleapis.com/css?family=Ubuntu
http://fonts.googleapis.com/css?family=Share+Tech+Mono
http://target.com/idx_config/user-config.txt
https://www.facebook.com/groups/hallucyber/
https://www.facebook.com/wearenoobdefacer/
Input
_GET
_POST
Environment
set_time_limit
error_reporting

Deobfuscated code

No debofuscation yet...

Original code