HEX
Server: Apache/2.4.62 (Unix) OpenSSL/1.1.1k
System: Linux box12.multicloud.host 4.18.0-553.52.1.el8_10.x86_64 #1 SMP Wed May 14 09:36:12 EDT 2025 x86_64
User: kashmira (1008)
PHP: 8.1.32
Disabled: NONE
$ pwd: /usr/local/maldetect.bk1322038/logs/
Upload Files
File: //usr/local/maldetect.bk1322038/logs/event_log
Aug 11 2025 03:53:15 box12 maldet(847712): {sigup} performing signature update check...
Aug 11 2025 03:53:15 box12 maldet(847712): {sigup} local signature set is version 20250225482944
Aug 11 2025 03:53:35 box12 maldet(847712): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 11 2025 03:53:35 box12 maldet(847712): {sigup} new signature set error code: 522 available
Aug 11 2025 03:53:35 box12 maldet(847712): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 11 2025 03:54:16 box12 maldet(847712): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 11 2025 03:55:16 box12 maldet(847712): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 11 2025 03:55:16 box12 maldet(847712): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 11 2025 03:56:00 box12 maldet(847712): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 11 2025 03:56:25 box12 maldet(847712): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 11 2025 03:56:25 box12 maldet(847712): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 11 2025 03:56:25 box12 maldet(847712): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 11 2025 03:56:25 box12 maldet(847712): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 11 2025 03:56:25 box12 maldet(847712): {sigup} signature set update completed
Aug 11 2025 03:56:25 box12 maldet(847712): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 11 2025 03:56:25 box12 maldet(847185): {update} completed update v1.6.6 3a1792 => v1.6.6 359d25, running signature updates...
Aug 11 2025 03:56:25 box12 maldet(848301): {sigup} performing signature update check...
Aug 11 2025 03:56:25 box12 maldet(848301): {sigup} local signature set is version 202508101639180
Aug 11 2025 03:57:03 box12 maldet(848301): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 11 2025 03:57:03 box12 maldet(848301): {sigup} latest signature set already installed
Aug 11 2025 03:57:03 box12 maldet(847185): {update} update and config import completed
Aug 11 2025 03:57:03 box12 maldet(848469): {sigup} performing signature update check...
Aug 11 2025 03:57:03 box12 maldet(848469): {sigup} local signature set is version 202508101639180
Aug 11 2025 03:57:49 box12 maldet(848469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 11 2025 03:57:49 box12 maldet(848469): {sigup} new signature set error code: 525 available
Aug 11 2025 03:57:49 box12 maldet(848469): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 11 2025 03:58:16 box12 maldet(848469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 11 2025 03:59:10 box12 maldet(848469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 11 2025 03:59:10 box12 maldet(848469): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 11 2025 03:59:29 box12 maldet(848469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 11 2025 04:00:04 box12 maldet(848469): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 11 2025 04:00:04 box12 maldet(848469): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 11 2025 04:00:04 box12 maldet(848469): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 11 2025 04:00:04 box12 maldet(848469): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 11 2025 04:00:04 box12 maldet(848469): {sigup} signature set update completed
Aug 11 2025 04:00:04 box12 maldet(848469): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 11 2025 04:00:04 box12 maldet(849050): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 11 2025 04:00:04 box12 maldet(849050): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 11 2025 04:00:04 box12 maldet(849050): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 11 2025 04:00:04 box12 maldet(849050): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 11 2025 04:00:04 box12 maldet(849050): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 11 2025 04:00:05 box12 maldet(849050): {scan} file list completed in 1s, found 329 files...
Aug 11 2025 04:00:05 box12 maldet(849050): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 11 2025 04:00:05 box12 maldet(849050): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 11 2025 04:00:05 box12 maldet(849050): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (329 files) in progress...
Aug 11 2025 04:00:32 box12 maldet(849050): {hit} malware hit {YARA}php_in_image found for /tmp/phptmyiPM
Aug 11 2025 04:00:32 box12 maldet(849050): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 329, malware hits 1, cleaned hits 0, time 28s
Aug 11 2025 04:00:32 box12 maldet(849050): {scan} scan report saved, to view run: maldet --report 250811-0400.849050
Aug 11 2025 04:00:32 box12 maldet(849050): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250811-0400.849050
Aug 12 2025 03:42:04 box12 maldet(1161353): {update} checking for available updates...
Aug 12 2025 03:42:33 box12 maldet(1161353): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 12 2025 03:42:33 box12 maldet(1161353): {update} hashing install files and checking against server...
Aug 12 2025 03:43:21 box12 maldet(1161353): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 12 2025 03:43:21 box12 maldet(1161353): {update} version check shows latest but hash check failed, forcing update...
Aug 12 2025 03:43:21 box12 maldet(1161353): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
Aug 12 2025 03:43:40 box12 maldet(1161353): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
Aug 12 2025 03:43:40 box12 maldet(1161353): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed!
Aug 12 2025 03:43:40 box12 maldet(1161650): {sigup} performing signature update check...
Aug 12 2025 03:43:40 box12 maldet(1161650): {sigup} local signature set is version 202508101639180
Aug 12 2025 03:44:00 box12 maldet(1161650): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 12 2025 03:44:00 box12 maldet(1161650): {sigup} new signature set error code: 522 available
Aug 12 2025 03:44:00 box12 maldet(1161650): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 12 2025 03:44:45 box12 maldet(1161650): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 12 2025 03:45:25 box12 maldet(1161650): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 12 2025 03:45:25 box12 maldet(1161650): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 12 2025 03:45:54 box12 maldet(1161650): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 12 2025 03:46:14 box12 maldet(1161650): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 12 2025 03:46:14 box12 maldet(1161650): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 12 2025 03:46:14 box12 maldet(1161650): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 12 2025 03:46:14 box12 maldet(1162400): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 12 2025 03:46:14 box12 maldet(1162400): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 12 2025 03:46:14 box12 maldet(1162400): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 12 2025 03:46:14 box12 maldet(1162400): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 12 2025 03:46:14 box12 maldet(1162400): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 12 2025 03:46:15 box12 maldet(1162400): {scan} file list completed in 1s, found 696 files...
Aug 12 2025 03:46:15 box12 maldet(1162400): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 12 2025 03:46:15 box12 maldet(1162400): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 12 2025 03:46:15 box12 maldet(1162400): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (696 files) in progress...
Aug 12 2025 03:46:45 box12 maldet(1162400): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 696, malware hits 0, cleaned hits 0, time 31s
Aug 12 2025 03:46:45 box12 maldet(1162400): {scan} scan report saved, to view run: maldet --report 250812-0346.1162400
Aug 13 2025 03:21:37 box12 maldet(1321790): {update} checking for available updates...
Aug 13 2025 03:22:11 box12 maldet(1321790): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 13 2025 03:22:11 box12 maldet(1321790): {update} hashing install files and checking against server...
Aug 13 2025 03:22:31 box12 maldet(1321790): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 13 2025 03:22:31 box12 maldet(1321790): {update} version check shows latest but hash check failed, forcing update...
Aug 13 2025 03:22:31 box12 maldet(1321790): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
Aug 13 2025 03:22:58 box12 maldet(1321790): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
Aug 13 2025 03:22:58 box12 maldet(1321790): {update} verified md5sum of maldetect-current.tar.gz
@ Telegram