PHP Malware Analysis
100.html
md5: 72ab1598b39c6f21270b238f3388f691
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Title
- Hacked By Mr.QLQ (Deobfuscated, HTML, Original)
URLs
- http://fonts.googleapis.com/css?family=Iceland (Deobfuscated, HTML, Original)
- http://i.imgur.com/5xLle3r.gif (Deobfuscated, HTML, Original)
- https://c.top4top.io/p_1728bwyqx1.jpg (Deobfuscated, HTML, Original)
- https://facebook.com/Mr.QLQ.HaCK (Deobfuscated, HTML, Original)
- https://www.youtube.com/watch?v=Qu4pp8o5Clo=0& (HTML)
- https://www.youtube.com/watch?v=Qu4pp8o5Clo=0&showinfo=0&autohide=1&wmode=transparent&hd=1 (Deobfuscated, Original)
Deobfuscated PHP code
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Hacked By Mr.QLQ</title>
<meta name="keywords" content="LION OF SANAA">
<meta name="description" content="YEMEN.HACKER">
<link rel="shortcut icon" href="" type="image/x-icon">
<link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css">
</head><body background="http://i.imgur.com/5xLle3r.gif" bgcolor="#000000">
<style type="text/css">
<!--body,td,th {color: #CCCCCC;}
body {background="http://i.imgur.com/5xLle3r.gif"}
.style1 {font-family: Iceland;font-size: 10pt;}
.style2 {color: #00F000;font-weight: bold;}
.style3 {color: #FFFFFF}
.style7 {color: #FFFFFF; font-weight: bold; }
.style8 {font-family: Iceland;
font-size: 16pt;color: #FFFFFF;}
.style11 {font-size: 14pt}--></style></head>
<body bgcolor="#000000">
<center>
<pre><font color="red">
Attacker From Yemen
تم الاختراق من قبل مستر قلق أسد صنعاء
</font>" الإخوان و الشيعه سبب دمار الوطن العربي " </pre>
<font face="Iceland" size="6" color="#FFFFFF">
<p align="center"><font color="red" face="Iceland" size="7">Hacked By Mr.QLQ</font></p><p align="center">
</font></p><center><font face="Iceland" size="5" color="#FFFFFF"><img style="-webkit-user-select: none" src="https://c.top4top.io/p_1728bwyqx1.jpg" width="490" height="359"><br>
<br><font color="red"><a href=""></a> https://facebook.com/Mr.QLQ.HaCK </font>
<iframe width="0" height="0" src="https://www.youtube.com/watch?v=Qu4pp8o5Clo=0&showinfo=0&autohide=1&wmode=transparent&hd=1" frameborder="0" allowfullscreen=""></iframe>
</font>
</font>
</font>
</center>
</center>
<script data-cfasync="false" src="/cdn-cgi/scripts/f2bf09f8/cloudflare-static/email-decode.min.js"></script></body>
</htExecution traces
Generated HTML code
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Hacked By Mr.QLQ</title>
<meta name="keywords" content="LION OF SANAA">
<meta name="description" content="YEMEN.HACKER">
<link rel="shortcut icon" href="" type="image/x-icon">
<link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css">
</head><body background="http://i.imgur.com/5xLle3r.gif" bgcolor="#000000">
<style type="text/css">
<!--body,td,th {color: #CCCCCC;}
body {background="http://i.imgur.com/5xLle3r.gif"}
.style1 {font-family: Iceland;font-size: 10pt;}
.style2 {color: #00F000;font-weight: bold;}
.style3 {color: #FFFFFF}
.style7 {color: #FFFFFF; font-weight: bold; }
.style8 {font-family: Iceland;
font-size: 16pt;color: #FFFFFF;}
.style11 {font-size: 14pt}--></style>
<center>
<pre><font color="red">
Attacker From Yemen
تم الاختراق من قبل مستر قلق أسد صنعاء
</font>" الإخوان و الشيعه سبب دمار الوطن العربي " </pre>
<font face="Iceland" size="6" color="#FFFFFF">
<p align="center"><font color="red" face="Iceland" size="7">Hacked By Mr.QLQ</font></p></font><p align="center"><font face="Iceland" size="6" color="#FFFFFF">
</font></p><center><font face="Iceland" size="5" color="#FFFFFF"><img style="-webkit-user-select: none" src="https://c.top4top.io/p_1728bwyqx1.jpg" width="490" height="359"><br>
<br><font color="red"><a href=""></a> https://facebook.com/Mr.QLQ.HaCK </font>
<iframe width="0" height="0" src="https://www.youtube.com/watch?v=Qu4pp8o5Clo=0&showinfo=0&autohide=1&wmode=transparent&hd=1" frameborder="0" allowfullscreen=""></iframe>
</font>
</center>
</center>
<script data-cfasync="false" src="/cdn-cgi/scripts/f2bf09f8/cloudflare-static/email-decode.min.js"></script>
</body></html>Original PHP code
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Hacked By Mr.QLQ</title>
<meta name="keywords" content="LION OF SANAA">
<meta name="description" content="YEMEN.HACKER">
<link rel="shortcut icon" href="" type="image/x-icon">
<link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css">
</head><body background="http://i.imgur.com/5xLle3r.gif" bgcolor="#000000">
<style type="text/css">
<!--body,td,th {color: #CCCCCC;}
body {background="http://i.imgur.com/5xLle3r.gif"}
.style1 {font-family: Iceland;font-size: 10pt;}
.style2 {color: #00F000;font-weight: bold;}
.style3 {color: #FFFFFF}
.style7 {color: #FFFFFF; font-weight: bold; }
.style8 {font-family: Iceland;
font-size: 16pt;color: #FFFFFF;}
.style11 {font-size: 14pt}--></style></head>
<body bgcolor="#000000">
<center>
<pre><font color="red">
Attacker From Yemen
تم الاختراق من قبل مستر قلق أسد صنعاء
</font>" الإخوان و الشيعه سبب دمار الوطن العربي " </pre>
<font face="Iceland" size="6" color="#FFFFFF">
<p align="center"><font color="red" face="Iceland" size="7">Hacked By Mr.QLQ</font></p><p align="center">
</font></p><center><font face="Iceland" size="5" color="#FFFFFF"><img style="-webkit-user-select: none" src="https://c.top4top.io/p_1728bwyqx1.jpg" width="490" height="359"><br>
<br><font color="red"><a href=""></a> https://facebook.com/Mr.QLQ.HaCK </font>
<iframe width="0" height="0" src="https://www.youtube.com/watch?v=Qu4pp8o5Clo=0&showinfo=0&autohide=1&wmode=transparent&hd=1" frameborder="0" allowfullscreen=""></iframe>
</font>
</font>
</font>
</center>
</center>
<script data-cfasync="false" src="/cdn-cgi/scripts/f2bf09f8/cloudflare-static/email-decode.min.js"></script></body>
</ht