Report - github.com/advancedfx/advancedfx/releases/download/v2.157.0/hlae_2_157_0.zip

Report Overview

Submitted URL
github.com/advancedfx/advancedfx/releases/download/v2.157.0/hlae_2_157_0.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-04-17 06:22:42
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
19

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	530 B	3.9 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-04-16	993 B	6.5 MB	185.199.109.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/89074083/0e4f6d7b-3f9d-4970-b4ef-08acdbb65281?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T062209Z&X-Amz-Expires=300&X-Amz-Signature=dd8e8ead16ecd60661aa819071fd1ed2b455c62151f39b61f63ca8a20465b25a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=89074083&response-content-disposition=attachment%3B%20filename%3Dhlae_2_157_0.zip&response-content-type=application%2Foctet-stream
IP
185.199.109.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
6.5 MB (6520925 bytes)
Hash
2df07df72be47b6bf22b494312180909
25914e776a3809cb2fdf3f673423be4c08820fa9
8c8696dc30ad40f7feaadbcd4e563ff2722198022682878b32365b28bf1b390e

Archive (188)

Filename

Md5

File type

advancedfx.org.url

df8215fb9720fc3958c663b387521038

MS Windows 95 Internet shortcut text (URL=<http://advancedfx.org/>), ASCII text, with CRLF line terminators

AfxCppCli.dll

9c60ef0a526fd2f4c40ceb48f63d5d03

PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections

AfxHook.dat

93e3389cf1af3eb7d916d96c0cab3e1c

DOS executable (COM), start instruction 0xe9aa0000 00909090

AfxHookGoldSrc.dll

9af0f739455a4e7935f59d211a8d53dc

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

AfxHookGoldSrc_changelog.xml

894dd293103ebda4832fa256c96e3a21

XML 1.0 document, ASCII text, with CRLF line terminators

AfxHookSource.dll

f52b8b6dc3e34af2c8dab5000b8ab59f

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 7 sections

AfxHookSource2_changelog.xml

6df22430f45f163681546849055a68f6

XML 1.0 document, ASCII text, with very long lines (328), with CRLF line terminators

AfxHookSource_changelog.xml

52e52217d0d9ce95c6f6227be1062f27

XML 1.0 document, Unicode text, UTF-8 text, with very long lines (579), with CRLF line terminators

api-ms-win-core-console-l1-1-0.dll

cd3ab89fadee9d9ab307f55390798102

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-console-l1-2-0.dll

4228b8901e130b70052da8562dc7b5b9

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-datetime-l1-1-0.dll

bb66dd4c715754bfa99abbcbee3a4449

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-debug-l1-1-0.dll

1c76698d36fce20d2919e67e3f08bfbd

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-errorhandling-l1-1-0.dll

b2eac5c213cc442820167617d568e179

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-fibers-l1-1-0.dll

38646cd15ac25a8d71bab09d5b077338

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-file-l1-1-0.dll

4d0399f0050b13586b8b04f62e95b16b

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-file-l1-2-0.dll

918b087149a2571d9db1eb04878c3603

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-file-l2-1-0.dll

320629a907048b64a99ef484417df721

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-handle-l1-1-0.dll

0e37f414237e14f395f8914ac2532581

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-heap-l1-1-0.dll

e36e88531f284b1135617b91f73e5ec7

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-interlocked-l1-1-0.dll

f6f0270f98f5cf857d1e0667819fc9d6

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-libraryloader-l1-1-0.dll

ae1eb2e7a5de49e2950cd2f7892d5513

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-localization-l1-2-0.dll

c542c43d910dd6ae2f4a7cffebccf613

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-memory-l1-1-0.dll

2b3eae5e560be8c87a246d0e8fe3f593

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-namedpipe-l1-1-0.dll

4ee09ce90a33fc4f885539370d3ab11f

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-processenvironment-l1-1-0.dll

9c46e030383d0f85a113a1f3b7477a77

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-processthreads-l1-1-0.dll

fc776a56634728a146211939d14187b5

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-processthreads-l1-1-1.dll

51b851eb7b58ca2c3280def9722a9602

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-profile-l1-1-0.dll

5e50911343631e123b2de2d19ad5e2ef

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-rtlsupport-l1-1-0.dll

f04d8cd1c228b2a9321429bc9d72599e

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-string-l1-1-0.dll

796e70f25faf0353eba92c001569c976

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-synch-l1-1-0.dll

c748312b0f6dfa5440bfecbd094f9180

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-synch-l1-2-0.dll

364d65fe7f976fd00702f5bd63eea9b3

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-sysinfo-l1-1-0.dll

7ebb75a1000e52570ca55c35dfc7bd6c

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-timezone-l1-1-0.dll

2a21692ef3a54e5f4a016a3a1767a7d9

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-core-util-l1-1-0.dll

b179b9f02a2a42a92c8eee8722d03745

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

API-MS-Win-core-xstate-l2-1-0.dll

b685358b3d0f37b68a24a6862f2ab63c

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-conio-l1-1-0.dll

410fb7adfc54094b95609747a5376472

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-convert-l1-1-0.dll

03c2c3d48cba89a77a8c06158056aaa8

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-environment-l1-1-0.dll

490c63e6b1aba9a525404067ce3c20b6

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-filesystem-l1-1-0.dll

d1f28f796bacea3d58eca271fd128758

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-heap-l1-1-0.dll

0651bcd9acadac1d50653be35378a82c

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-locale-l1-1-0.dll

592a65b922d4cd052bae1957be801a4f

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-math-l1-1-0.dll

46aaecdb8d337980c82cb2714a985986

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-multibyte-l1-1-0.dll

7442e7059f712705d4b97699bf56de35

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-private-l1-1-0.dll

3b07abbe272e9b9e2989e2d6a400fa53

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-process-l1-1-0.dll

0444624f30e8030d84bb169fc2410444

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-runtime-l1-1-0.dll

90340ac74d22b9a67237ea52a4dc1c75

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-stdio-l1-1-0.dll

85444893a6553a4dd26150a68fd373d8

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-string-l1-1-0.dll

841e4ff9bb531b52218392db1d7cfbe4

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-time-l1-1-0.dll

0713775484e95e5bebcbe807d53488f8

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

api-ms-win-crt-utility-l1-1-0.dll

b52238936bdf50ab985435a176281f68

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections

changelog.xml

6e671e07f73263595ef2f124c34555cb

XML 1.0 document, Unicode text, UTF-8 text, with very long lines (420), with CRLF line terminators

changelog.xsl

ce3919242ef8f127167df32f684f0366

XML 1.0 document, ASCII text

concrt140.dll

3d0ea6ba3551aec4717ab2827319a741

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

readme.advancedfx.txt

79143e5f9d76b1437a9b1dcdb606acb5

ASCII text, with CRLF line terminators

Half-2_5.dll

2ad23d0cb5f9aafa124b71b9b9cf4721

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

HLAE.exe

3d43f918212c6cb386675fae14cbad38

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Iex-2_5.dll

64b55737f77502d4577c0c8b6cd99400

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

IexMath-2_5.dll

e69d5aea7908e23b29327292b6b716e1

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

IlmImf-2_5.dll

9dcb28a2f5367929b0090f82048310ac

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

IlmThread-2_5.dll

96b17c02b4671eafb7996beccf3063b9

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

Imath-2_5.dll

435e61adb2279702591be04ab0214259

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

injector.exe

84e44205cfaabff940ba9a5baf640e65

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

LICENSE

38176c64cbebabdf6829130605542969

ASCII text

LICENSE.md

2cb98c933c365ba2490a60335dacb307

ASCII text

COPYING

7ab2261f952d35fba9be4e1fe5b81a69

ASCII text

LICENSE

1c67f3916feb049d2e3356b2fa82c3e3

ASCII text, with CRLF line terminators

LICENSE

0f34c2a8b1c102d683feca7a5835e921

ASCII text, with very long lines (755)

LICENSE

ce79a5e699943b3a132c0deba1777ac6

ASCII text, with CRLF line terminators

license.txt

d63ab70ba21ca0544b03284958324301

ASCII text, with CRLF line terminators

README

0ff45db88393c3152e458a047bba0ff1

ASCII text

messages.mo

be5043c998b8a2e6cce34054b7e4f51c

GNU message catalog (little endian), revision 0.0, 200 messages, Project-Id-Version: hlae '64 Bit CS:GO wird nicht unterstüzt.'

messages.mo

e89c56f1ebab87b21ac459fbd2ffa93b

GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: hlae

messages.mo

73433a71a27dd850c96b40532843d3f2

GNU message catalog (little endian), revision 0.0, 130 messages, Project-Id-Version: hlae 'A 64 bites CS:GO nem támogatott.'

messages.mo

269fba5c57d837e0f2ae3627a8e245a4

GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: hlae 'CS:GO a 64 Bit non è supportato.'

messages.mo

46f7e79f52a1f86c2957adb8ea213faf

GNU message catalog (little endian), revision 0.0, 174 messages, Project-Id-Version: hlae '64ビットのCSGOはサポートされていません。'

messages.mo

41b7495d86036b2f07f643f52c426120

GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: hlae '64 Bit CS:GO word niet ondersteund.'

messages.mo

ccb2f342c94a289bc227be5ad71ac2d3

GNU message catalog (little endian), revision 0.0, 187 messages, Project-Id-Version: hlae 'Wersja 64 Bitowa CS:GO nie jest wspierana.'

messages.mo

82fccf8cb0a5480e19337072da595cf4

GNU message catalog (little endian), revision 0.0, 198 messages, Project-Id-Version: hlae 'CS:GO de 64 bits não é suportado.'

messages.mo

40b2ac5cc4bee6a121a8fa3868863ef6

GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: hlae

messages.mo

7221db860c99f144703e2157435439f3

GNU message catalog (little endian), revision 0.0, 200 messages, Project-Id-Version: hlae '64-битный CS:GO не поддерживается.'

messages.mo

a75fd28194b449236fadb5fd2d78287a

GNU message catalog (little endian), revision 0.0, 185 messages, Project-Id-Version: hlae '不支持64位CSGO。'

msvcp140.dll

c766ca0482dfe588576074b9ed467e38

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

msvcp140_1.dll

b262a68778d6117d77dfd88a7f43ca44

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

msvcp140_2.dll

60bf20c3cc7a98169465cd85ee833d67

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

msvcp140_atomic_wait.dll

c1ff4738f68a0570720f695b5a4837b9

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

msvcp140_codecvt_ids.dll

d90414f90993f195846c25140d47566b

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

NGettext.dll

d1a41501eeae0f3cff366c5553907fbd

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

readme.txt

8c4f6f6f523ba08b4a2304780dd672d6

Unicode text, UTF-8 text, with CRLF line terminators

updateWorkaround.cfg

c97a1f3fab74e1f28d2b06d24ee1f2aa

ASCII text, with CRLF line terminators

wh.cfg

d6cffb75b202fe6365a50d8fe4c12737

ASCII text, with CRLF line terminators

black.vmt

4a158f0f13b669cdd8f666e6058b1a83

ASCII text, with CRLF line terminators

depth.vmt

3ec028554d2851c0edf8dfdc7ad13dd1

ASCII text, with CRLF line terminators

greenmatte.vmt

1b66c8c38cb830fddc78eabc2c451d26

ASCII text, with CRLF line terminators

invisible.vmt

266ccb63b4f56a6e47facf8b0dc4bbff

ASCII text

cable.vmt

1d9d2dfb454f5b1400f240c2233ab77d

ASCII text, with CRLF line terminators

ct.vmt

115cbec76796fe45decf04371a126cca

ASCII text, with CRLF line terminators

level.vmt

ce886e219607aa019b6642b53f7adfd4

ASCII text, with CRLF line terminators

level.vtf

abbccbc6d445473376cce4c6d8b2aa56

Valve Texture Format v7.2, 256 x 256, mipmaps: 1

levelLit.vmt

9ae1d6eaacea80fecb444640cf231fde

ASCII text, with CRLF line terminators

smokeOverlay.vmt

5a8dc2f1f3474cee623198d8df7ec420

ASCII text, with CRLF line terminators

smokeOverlay.vtf

ab1620836bc777d498ede9feae439b65

Valve Texture Format v7.2, 2 x 2, mipmaps: 1

t.vmt

224fb9cb3dc8925101dfb9a9021566d4

ASCII text, with CRLF line terminators

vistasmokev1.vmt

072a184a81cf13a68e28b213012c8c3d

ASCII text, with CRLF line terminators

vistasmokev1_emods.vmt

20b6d8f0223a4f19ebe30d23446b7bc8

ASCII text, with CRLF line terminators

vistasmokev1_emods.vtf

b72aebc20f487b0ab135703ba6d52531

Valve Texture Format v7.2, 1024 x 1024, mipmaps: 11

vistasmokev1_emods_impactdust.vmt

58e98e599652bb922eb507cbdd52fd26

ASCII text, with CRLF line terminators

vistasmokev1_fire.vmt

1d1fb1f23180e98a5e51606a76819dab

ASCII text, with CRLF line terminators

vistasmokev1_smokegrenade.vmt

27e48640c2b853bd0fa366165cc922fe

ASCII text, with CRLF line terminators

weapon.vmt

b8e103bc2a4565776d69307e34f1d013

ASCII text, with CRLF line terminators

white.vmt

ddd8ed47341fdb46f2c3f67fcc9098b7

ASCII text, with CRLF line terminators

hexfont.tga

fa8ede4fcfe10d60feae677a1735af8a

Targa image data - RGBA 256 x 128 x 32 +128 - 8-bit alpha - top

afx_depth_ps20.acs

767ed5f6e5ecad9840a36a045411a725

data

afx_drawtexture_ps20.acs

00223b50d1ac65ce77093cbc6f91eb6a

data

afx_drawtexture_ps_5_0.acs

b4524bd47b962e2769a52f167c4c2819

data

afx_drawtexture_vs_5_0.acs

67e5f49ab5f111914a63bbe93283172e

data

afx_line_ps20.acs

cc081427c5f838de25097efb334a4f4f

data

afx_line_ps_5_0.acs

0e1fbdb8674b7ad47f0cf86bd9868ffc

data

afx_line_vs20.acs

1fbda5f4bb6a6f1ea167bc2aa6ea0cfa

data

afx_line_vs_5_0.acs

103d7ab79e31771ae6b067d185b7bead

data

afx_pgldraw_ps20.acs

89e48cb764526642f1c0a84ecf64da8a

data

afx_pgldraw_vs20.acs

9363424031f11007715479daeb47d764

data

ucrtbase.dll

b65aa2646529e9c1de570d28c2e37c2b

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

vccorlib140.dll

934c75adff9036378fd34f526c6641a1

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

vcruntime140.dll

9c133b18fa9ed96e1aeb2da66e4a4f2b

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

AfxHook.dat

5ea93b15167040ddb5ec4907e9c92964

DOS executable (COM), start instruction 0xe9b00000 00909090

AfxHookSource2.dll

d5797e576864391ac7a97c405c5c332d

PE32+ executable (DLL) (console) x86-64, for MS Windows, 8 sections

api-ms-win-core-console-l1-1-0.dll

0909e61c8c9c717976828f65c987e5f9

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-console-l1-2-0.dll

6b33e6f1d77cec0901ea8e91473bc18b

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-datetime-l1-1-0.dll

2b4a3a51e075ab9819c6d6bc40efb4b5

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-debug-l1-1-0.dll

607703b245d9b4fc69a8b5363ff626fa

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-errorhandling-l1-1-0.dll

059129bae1776f03c59d3ba66a6f6dee

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-fibers-l1-1-0.dll

9fa3992f5dac5ea5dfa15b9669c68154

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-file-l1-1-0.dll

817f9a76b7eadc1226b006ccbdd38a11

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-file-l1-2-0.dll

e334f2fe1e0e6d5d6966f139ed328d97

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-file-l2-1-0.dll

7f0ef1cf592d04b082b65f75584652cd

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-handle-l1-1-0.dll

1902b85a588178857e9637902e5a1b85

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-heap-l1-1-0.dll

892e47390f34aac7d20afe63ffa92f20

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-interlocked-l1-1-0.dll

d8999e328af5ee1eb23c216336637cb7

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-libraryloader-l1-1-0.dll

6337654372aa9adf6a8fc97d9676a33d

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-localization-l1-2-0.dll

d4bad006e413ace7d729b1249c49b92f

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-memory-l1-1-0.dll

714e850aa29e808568933c5ed8c7df5a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-namedpipe-l1-1-0.dll

9ad2e67f2b1f04b760deb00b889fab53

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-processenvironment-l1-1-0.dll

772d6c07e47e77a4479c7a9eccfeac4d

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-processthreads-l1-1-0.dll

9ac788a87032640e046f305413585503

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-processthreads-l1-1-1.dll

31f60bf9a22a86cb8879fce5c1022254

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-profile-l1-1-0.dll

948e3c479e87ad905a3689bc94cbf86b

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-rtlsupport-l1-1-0.dll

57745a06849d90cd5c79ccbec559e7b5

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-string-l1-1-0.dll

1862f49d5c2ba7c2bbc78bc517cb0b38

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-synch-l1-1-0.dll

afc4db1ae7eb74d1b43eda3d7ea5b43c

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-synch-l1-2-0.dll

5dedf9f86ba1366d9e920f33eb03721c

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-sysinfo-l1-1-0.dll

177009944ea3860b58c09da1871db999

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-timezone-l1-1-0.dll

70f8acde94e2c3952b7ba7f56a4ebfb4

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-core-util-l1-1-0.dll

d91e6c55a2304aa59d24e76f34884535

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-conio-l1-1-0.dll

a1bee0af7bd944fae7f14174d9dfdffc

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-convert-l1-1-0.dll

b9d80efa3f5b0b75c523d4ced4da1fd2

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-environment-l1-1-0.dll

6e245fdd89bb6f88f56784adbdca0b0a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-filesystem-l1-1-0.dll

e4fcbf91666504c1eb70644dc4c5f479

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-heap-l1-1-0.dll

374d505ced3719d875ac316ce365b1d5

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-locale-l1-1-0.dll

152925be0e3a0ff77b0979bcae7a7583

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-math-l1-1-0.dll

bf69d049653e504a7a1f8b55a6dde7bc

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-multibyte-l1-1-0.dll

4847091828ad3b0734418343c712cffe

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-private-l1-1-0.dll

533b418afd2ef8e423f42d414cdaf5ef

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-process-l1-1-0.dll

dc3fe259a9b778480c2405fdd7405c9c

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-runtime-l1-1-0.dll

80e80532239aa8929ec0fddedb7aa8af

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-stdio-l1-1-0.dll

58a8c2d2404ad7bf6fca8bdfbb8a5b3b

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-string-l1-1-0.dll

d7164ae82b7332432bf2eb7fc7774e72

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-time-l1-1-0.dll

6aa7b1323c5d8e314f2fb42f855e9b12

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

api-ms-win-crt-utility-l1-1-0.dll

7b7f4484966036ff86a7e4cd303d3871

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

concrt140.dll

9485d003573e0eaf7952ab23cc82ef7b

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

Half-2_5.dll

c106b78f15019bd3a9e0fd7ca51f9986

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

Iex-2_5.dll

fd3ccef6c38227926100d7515ac4008a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

IexMath-2_5.dll

88fcbbcc7e2342f50da9ebf7f9217f2e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

IlmImf-2_5.dll

b9c0f701e95e699ef5133904967e7e75

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

IlmThread-2_5.dll

0268160e8b7ed809aaede0382fdd221f

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

Imath-2_5.dll

c5eea7d7299b58057692d0ffe7d2730e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

injector.exe

342165e9d66a263abf3d697b348373b4

PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections

msvcp140.dll

c3d497b0afef4bd7e09c7559e1c75b05

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

msvcp140_1.dll

7b0a25eee764d8747f02cb3ed980f07a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

msvcp140_2.dll

aa0148e20d34c10e01a4a9e1bab1d058

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

msvcp140_atomic_wait.dll

6722344b74084d0af629283060716bae

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

msvcp140_codecvt_ids.dll

165308ee66d0b8f11ca20f3bcd410ea9

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

ucrtbase.dll

932dcb8d7d06f4b89fc3915726c418b7

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

vccorlib140.dll

e3e6aa23df3c78b29b0ee90e2712fc7e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

vcruntime140.dll

e9b690fbe5c4b96871214379659dd928

PE32+ executable (DLL) (console) x86-64, for MS Windows, 8 sections

vcruntime140_1.dll

eb49c1d33b41eb49dfed58aafa9b9a8f

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

zlib1.dll

755249fe3adbfdf008814dd4b87ac430

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

zlib1.dll

7d91e3ead16b6348f801fc656bae064b

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects POC code from disclosed 0day hacktool set
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
Public Nextron YARA rules	malware	Detects POC code from disclosed 0day hacktool set
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	malicious	VirusTotal - Scan result 11/67

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/advancedfx/advancedfx/releases/download/v2.157.0/hlae_2_157_0.zip

140.82.121.3

302 Found

0 B

URL User Request GET HTTP/2
github.com/advancedfx/advancedfx/releases/download/v2.157.0/hlae_2_157_0.zip
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advancedfx/advancedfx/releases/download/v2.157.0/hlae_2_157_0.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Wed, 17 Apr 2024 06:22:09 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/89074083/0e4f6d7b-3f9d-4970-b4ef-08acdbb65281?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T062209Z&X-Amz-Expires=300&X-Amz-Signature=dd8e8ead16ecd60661aa819071fd1ed2b455c62151f39b61f63ca8a20465b25a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=89074083&response-content-disposition=attachment%3B%20filename%3Dhlae_2_157_0.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 83FD:1FE656:4C225E8:4D082A1:661F6A90
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/89074083/0e4f6d7b-3f9d-4970-b4ef-08acdbb65281?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T062209Z&X-Amz-Expires=300&X-Amz-Signature=dd8e8ead16ecd60661aa819071fd1ed2b455c62151f39b61f63ca8a20465b25a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=89074083&response-content-disposition=attachment%3B%20filename%3Dhlae_2_157_0.zip&response-content-type=application%2Foctet-stream

185.199.109.133

200 OK

6.5 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/89074083/0e4f6d7b-3f9d-4970-b4ef-08acdbb65281?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T062209Z&X-Amz-Expires=300&X-Amz-Signature=dd8e8ead16ecd60661aa819071fd1ed2b455c62151f39b61f63ca8a20465b25a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=89074083&response-content-disposition=attachment%3B%20filename%3Dhlae_2_157_0.zip&response-content-type=application%2Foctet-stream
IP
185.199.109.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
6.5 MB (6520925 bytes)
Hash
2df07df72be47b6bf22b494312180909
25914e776a3809cb2fdf3f673423be4c08820fa9
8c8696dc30ad40f7feaadbcd4e563ff2722198022682878b32365b28bf1b390e

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 11/67

HTTP Headers

GET /github-production-release-asset-2e65be/89074083/0e4f6d7b-3f9d-4970-b4ef-08acdbb65281?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T062209Z&X-Amz-Expires=300&X-Amz-Signature=dd8e8ead16ecd60661aa819071fd1ed2b455c62151f39b61f63ca8a20465b25a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=89074083&response-content-disposition=attachment%3B%20filename%3Dhlae_2_157_0.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-md5: LfB99yvke2vyK0lDEhgJCQ==
last-modified: Thu, 04 Apr 2024 17:14:36 GMT
etag: "0x8DC54CAB49620CC"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 727174c1-401e-0004-02b4-866c52000000
x-ms-version: 2020-10-02
x-ms-creation-time: Thu, 04 Apr 2024 17:14:36 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=hlae_2_157_0.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 17 Apr 2024 06:22:09 GMT
age: 0
x-served-by: cache-iad-kcgs7200148-IAD, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1273, 0
x-timer: S1713334929.188442,VS0,VE510
content-length: 6520925
X-Firefox-Spdy: h2