PHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().
9ae6f1db9ff8c94146491368c999d0b4d6a0a9cfe7316a6f72a899025250bf36