PHP Malware Analysis

unnzip.php

md5: 6eab8c7a7cba65f47dd5634fba730565

Deobfuscated PHP code

<form enctype="multipart/form-data" method="post" action="Descomprimir.php">

 <div class="form-group">
    <label for="exampleFormControlFile1">Subir archivo ZIP:</label>
    <input required type="file" class="form-control-file" name="zip_file">
  </div>
  <div class="form-group"> 
  <input type="submit" name="submit" value="Subir y Descomprimir" class="btn btn-primary" />
  </div>
     
</form>

Execution traces

data/traces/6eab8c7a7cba65f47dd5634fba730565_trace-1676261977.7927.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 02:20:03.690535]
1	0	1	0.000231	393528
1	3	0	0.000275	393504	{main}	1		/var/www/html/uploads/unnzip.php	0	0
1	3	1	0.000292	393504
			0.000319	314240
TRACE END   [2023-02-13 02:20:03.690720]


Generated HTML code

<html><head></head><body><form enctype="multipart/form-data" method="post" action="Descomprimir.php">

 <div class="form-group">
    <label for="exampleFormControlFile1">Subir archivo ZIP:</label>
    <input required="" type="file" class="form-control-file" name="zip_file">
  </div>
  <div class="form-group"> 
  <input type="submit" name="submit" value="Subir y Descomprimir" class="btn btn-primary">
  </div>
     
</form></body></html>

Original PHP code

<form enctype="multipart/form-data" method="post" action="Descomprimir.php">

 <div class="form-group">
    <label for="exampleFormControlFile1">Subir archivo ZIP:</label>
    <input required type="file" class="form-control-file" name="zip_file">
  </div>
  <div class="form-group"> 
  <input type="submit" name="submit" value="Subir y Descomprimir" class="btn btn-primary" />
  </div>
     
</form>