PHP Malware Analysis
wget.php
md5: 7ed091617ee8f34d8fcbb65e68fa17ce
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Execution
- system (Deobfuscated, Original)
Deobfuscated PHP code
<?php
system("id");Execution traces
data/traces/7ed091617ee8f34d8fcbb65e68fa17ce_trace-1676250268.3907.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 23:04:54.288542]
1 0 1 0.000245 393512
1 3 0 0.000298 393240 {main} 1 /var/www/html/uploads/wget.php 0 0
2 4 0 0.000315 393240 system 0 /var/www/html/uploads/wget.php 2 1 'id'
2 4 1 0.002076 393352
2 4 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
1 3 1 0.002108 393240
0.002143 314224
TRACE END [2023-02-12 23:04:54.290486]
Generated HTML code
<html><head></head><body>uid=33(www-data) gid=33(www-data) groups=33(www-data)
</body></html>Original PHP code
<?php
system("id");
?>