NEW | Hunt across all abuse.ch platforms with one simple query - discover if an IPv4 address, domain, URL or file hash has been identified on any platform from a centralized search tool. Test it out here hunting.abuse.ch - and happy hunting 🔍

MalwareBazaar Database

This page shows some basic information the YARA rule webshell_php_by_string_obfuscation including corresponding malware samples.

Database Entry

YARA Rule:webshell_php_by_string_obfuscation
Create hunting rule
Author:Arnim Rupp
Description:PHP file containing obfuscation strings. Might be legitimate code obfuscated for whatever reasons, a webshell or can be used to insert malicious Javascript for credit card skimming
Firstseen:2021-12-24 21:26:45 UTC
Lastseen:2022-01-17 13:02:36 UTC
Sightings:2

Malware Samples

The table below shows all malware samples that matching this particular YARA rule (max 1000).

Firstseen (UTC)SHA256 hashTagsSignatureReporter