Top

Thumbs.php

Today we found new Thumbs.php encoded malware, which trying to hide PHP code to unreadable. This technique is not nothing new, so this is very easy de-obfuscate PHP code and make it readable again.

Thumbs.php

After we manually decoded this PHP malware, we found again FilesMan backdoor which is PHP command shell.

Decoded Thumbs.php

FilesMan

FilesMan – WSO 2.5

FilesMan

Final words

Use Malware Expert – Signatures detect this malware from files for FREE!

Websites that using Malware Expert – ModSecurity rules are protected against this kind attacks.

, , , ,

Comments are closed.