PHP Malware Analysis
index.html
md5: 80707e66572d0ec72d3a574df6e522c1
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Title
- Dalam Perbaikan - Silakan kembali lagi nanti (Deobfuscated, HTML, Original)
URLs
- http://ipa.co.in/music/dj.mp3 (Deobfuscated, HTML, Original)
- https://html5shiv.googlecode.com/svn/trunk/html5.js (Deobfuscated, HTML, Original)
- https://instagram.com/5etiaji.id (Deobfuscated, HTML, Original)
Deobfuscated PHP code
<!doctype html><html lang="en" onclick="popup()"><head> <meta charset="utf-8"> <title>Dalam Perbaikan - Silakan kembali lagi nanti</title> <meta name="description" content="Dalam Perbaikan - Silakan kembali lagi nanti"> <meta name="author" content="Vamsi"> <link href='//fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>
<style> html { background: #f1f1f1; } body { background: #fff; max-width: 70%; font-family: "Open Sans", sans-serif; font-size: 14px; padding: 1.5em 2em; margin: 5em auto; -webkit-box-shadow: 0 1px 3px rgba(0,0,0,0.13); box-shadow: 0 1px 3px rgba(0,0,0,0.13); } </style>
<!--[if lt IE 9]> <script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]--></head><body>
<script type="text/javascript">
var popup = function() {
window.open ("https://instagram.com/5etiaji.id", "Window","status=1");}
var lohkok = function() {
window.open ("https://instagram.com/5etiaji.id", "Window","status=1");
}
</script>
<script> function popup(){ var audio = document.getElementById('xxoverthinker1877'); audio.play(); } function x1877x(){ document.getElementById('xxoverthinker1877xx').style.visibility='visible'; }</script>
<!--[if lt IE 9]> <script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]-->
<body onclick="lohkok()">
<h1>Dalam Perbaikan - Silakan kembali lagi nanti</h1>
<p>
<em><b>touch Setiaji.id</b></em>
</p>
Kami sedang melakukan update dan maintenance. Silakan kembali lagi nanti
<br>
<br>
<audio id="xxoverthinker1877" src="http://ipa.co.in/music/dj.mp3"></audio>
</body></html>
<em>touch background</em>
Execution traces
Generated HTML code
<html lang="en" onclick="popup()"><head> <meta charset="utf-8"> <title>Dalam Perbaikan - Silakan kembali lagi nanti</title> <meta name="description" content="Dalam Perbaikan - Silakan kembali lagi nanti"> <meta name="author" content="Vamsi"> <link href="//fonts.googleapis.com/css?family=Open+Sans" rel="stylesheet" type="text/css">
<style> html { background: #f1f1f1; } body { background: #fff; max-width: 70%; font-family: "Open Sans", sans-serif; font-size: 14px; padding: 1.5em 2em; margin: 5em auto; -webkit-box-shadow: 0 1px 3px rgba(0,0,0,0.13); box-shadow: 0 1px 3px rgba(0,0,0,0.13); } </style>
<!--[if lt IE 9]> <script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]--></head><body onclick="lohkok()">
<script type="text/javascript">
var popup = function() {
window.open ("https://instagram.com/5etiaji.id", "Window","status=1");}
var lohkok = function() {
window.open ("https://instagram.com/5etiaji.id", "Window","status=1");
}
</script>
<script> function popup(){ var audio = document.getElementById('xxoverthinker1877'); audio.play(); } function x1877x(){ document.getElementById('xxoverthinker1877xx').style.visibility='visible'; }</script>
<!--[if lt IE 9]> <script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]-->
<h1>Dalam Perbaikan - Silakan kembali lagi nanti</h1>
<p>
<em><b>touch Setiaji.id</b></em>
</p>
Kami sedang melakukan update dan maintenance. Silakan kembali lagi nanti
<br>
<br>
<audio id="xxoverthinker1877" src="http://ipa.co.in/music/dj.mp3"></audio>
<em>touch background</em>
</body></html>Original PHP code
<!doctype html><html lang="en" onclick="popup()"><head> <meta charset="utf-8"> <title>Dalam Perbaikan - Silakan kembali lagi nanti</title> <meta name="description" content="Dalam Perbaikan - Silakan kembali lagi nanti"> <meta name="author" content="Vamsi"> <link href='//fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>
<style> html { background: #f1f1f1; } body { background: #fff; max-width: 70%; font-family: "Open Sans", sans-serif; font-size: 14px; padding: 1.5em 2em; margin: 5em auto; -webkit-box-shadow: 0 1px 3px rgba(0,0,0,0.13); box-shadow: 0 1px 3px rgba(0,0,0,0.13); } </style>
<!--[if lt IE 9]> <script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]--></head><body>
<script type="text/javascript">
var popup = function() {
window.open ("https://instagram.com/5etiaji.id", "Window","status=1");}
var lohkok = function() {
window.open ("https://instagram.com/5etiaji.id", "Window","status=1");
}
</script>
<script> function popup(){ var audio = document.getElementById('xxoverthinker1877'); audio.play(); } function x1877x(){ document.getElementById('xxoverthinker1877xx').style.visibility='visible'; }</script>
<!--[if lt IE 9]> <script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]-->
<body onclick="lohkok()">
<h1>Dalam Perbaikan - Silakan kembali lagi nanti</h1>
<p>
<em><b>touch Setiaji.id</b></em>
</p>
Kami sedang melakukan update dan maintenance. Silakan kembali lagi nanti
<br>
<br>
<audio id="xxoverthinker1877" src="http://ipa.co.in/music/dj.mp3"></audio>
</body></html>
<em>touch background</em>