PHP Malware Analysis

AcuTest1538.php

md5: 112819b19a5d9ddc2e3eb2d8f18403bd

Jump to: 

Screenshot
Attributes
Deobfuscated PHP code
���JFIFGG��2<?php 
echo md5('acunetix-file-upload-test');
?>��C	!"$"$��C��"����"1!Aa����"A"%2Bb����?u]Wƴ֙=-��Ci&j7����%�دh:�(�")��ׯk��G��N4����m��0���,�8M���l���Q$Q"�|oץ�|��&Ok_2{o�b�Y��%H6�m�l����7������XcyE��ɱ��1
��`E��qǍ�^�w����H�|.y�U>f.%�x�} �����
Execution traces
data/traces/112819b19a5d9ddc2e3eb2d8f18403bd_trace-1676258324.0203.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:19:09.918127]
1	0	1	0.000166	393576
1	3	0	0.000213	394096	{main}	1		/var/www/html/uploads/AcuTest1538.php	0	0
2	4	0	0.000230	394096	md5	0		/var/www/html/uploads/AcuTest1538.php	1	1	'acunetix-file-upload-test'
2	4	1	0.000248	394192
2	4	R			'4d02070effdd7e319ca561bc66617a8a'
1	3	1	0.000264	394096
			0.000291	314264
TRACE END   [2023-02-13 01:19:09.918281]


Generated HTML code
<html><head></head><body>����JFIFGG��24d02070effdd7e319ca561bc66617a8a��C	!"$"$��C��"����"1!Aa����"A"%2Bb����?u]Wƴ֙=-��Ci&amp;j7����%�دh:�(�")��ׯk��G��N4����m��0���,�8M���l���Q$Q"�|oץ�|��&amp;Ok_2{o�b�Y��%H6�m�l����7��������XcyE��ɱ��1
��`E��qǍ�^�w����H���|.y�U&gt;f.%�x�} �����</body></html>
Original PHP code
���JFIFGG��2<?php echo(md5('acunetix-file-upload-test')); ?>��C	!"$"$��C��"����"1!Aa����"A"%2Bb����?u]Wƴ֙=-��Ci&j7����%�دh:�(�")��ׯk��G��N4����m��0���,�8M���l���Q$Q"�|oץ�|��&Ok_2{o�b�Y��%H6�m�l����7������XcyE��ɱ��1
��`E��qǍ�^�w����H�|.y�U>f.%�x�} �����