Decode Malicious File

  • Resolved kentchee

    (@kentchee)


    2 years, 4 months ago

    Hi there,

    Can anyone help to decode the malicious file and find out what is the file intended to do?

    The file was uploaded to different WordPress plugin folders multiple times under different file names and always with the same file size.

    Link to download file: https://we.tl/t-44MkMI7v7s

    Thanks in advance.

    Regards
    Keane

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @kentchee, thanks for reaching out to us!

    I appreciate you keeping a copy and uploading it. If you could pass your link on to samples @ wordfence . com with the background information of where it was placed, they should be able to shed more light on the situation and whether there’s anything further you need to do.

    Please note that when making files available, ensure that you remove any database access credentials or keys/salts contained inside before sending.

    Naturally if it’s something we haven’t encountered before which we can base a firewall rule or malware signature on, it will benefit all of our customers.

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Decode Malicious File’ is closed to new replies.