A PHP file was just uploaded to me via ftp,
It's an obfuscated PHP script. What these usually do, is give open access to anyone and then they can completely control your server.
I sent it to VirusTotal. Only six products flagged it as malware.
The following products saw no problem:
The interesting thing about this particular specimen, is that it was first uploaded to Virustotal three years ago, on November 5, 2012. Three years!
How can this be? VirusTotal says "Files and URLs sent to VirusTotal will be shared with antivirus
vendors and security companies so as to help them in improving their
services and products.". Good idea. So how come the companies listed above, have not added this malware to their detection?
I have no answer to that question.