°D;i¦*”[ 6;iÌdpHÀ–Accept-Encoding,User-Agent<Ü°1)Z$ø)˜Ÿ«Þ\ç KEY: http://avaliareassessoria.com.br/Ven-C404/root/proc/3/cwd/usr/local/maldetect/clean/php_malware_hexinject HTTP/1.1 200 OK Date: Thu, 11 Dec 2025 21:24:48 GMT Server: Apache Last-Modified: Sat, 08 Sep 2018 20:01:42 GMT Accept-Ranges: bytes Content-Length: 429 Vary: Accept-Encoding,User-Agent Connection: close #!/usr/bin/env bash export PATH=/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin # $1 file path, $2 signature name, $3 file owner, $4 file mode, $5 file size (b), $6 file md5sum if [ -f "$1" ]; then sed -i -e 's/^$pw=\".*.=\"\\x.*.*\";$.*))));//' -e '/^\$.*=\".*=\"\\.*=\"\\x.*))));\r$/d' -e '/^foreach ($_GET.*insert.*base64_decode.*admin_user.*base64_decode.*substr_count(strtolower.*die(.*}.*\r/d' "$1" fi