Collection of most common WordPress malware collected over the years.

Files are organized in directories by the day discovered by CXS or Imunify360

Custom Functions

Most common custom functions defined within php files that are responsible for malicious behavior such as file modifications, downloading, executing PHP, and scanning files:

restore(); file_man(); edit_file(); save_file(); save_norm(); delete_file(); delete_zpl(); exec_php(); suicide(); make_worker(); manage_file(); download000(); chmod_file(); renew_file(); manual_av(); manual_wp(); make_wp(); copy_zpl(); update_wordpress(); debug_wordpress(); delete_md5(); delete_name();

Email me for removal at pejcha1994[at]gmail.com