PHP_WEBSHELL.XVF
ALIASES:
PHP/WebShell.NAG (ESET-NOD32), PHP.Backdoor.Trojan (Symantec)
PLATFORM:
Windows, Linux
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:
Threat Type: Backdoor
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This backdoor may be hosted on a website and run when a user accesses the said website.
TECHNICAL DETAILS
File Size:
23,498 bytes
File Type:
Script
Initial Samples Received Date:
30 Jul 2015
Arrival Details
This backdoor may be hosted on a website and run when a user accesses the said website.
This malware arrives via the following means:
- May be uploaded and installed on a web server by a remote malicious user after gaining access to the server.
NOTES:
This backdoor is a web panel that is capable of manipulating commands to be executed on affected machines.