This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://www.virustotal.com/gui/file/059d997835d4507156bc6ad26de10892dbe7b2353ed18f02ca27b1ec0b67f46f | |
https://www.virustotal.com/gui/file/688006b7100f49485de349daece4665de58a2ed1092a246f4157af481848d9bf | |
https://www.virustotal.com/gui/file/f0b2a1f0fccd298d048ef6c92168a8bbf18af019d74da7e3ba6c4e8a1c4949cc | |
https://www.virustotal.com/gui/file/91915970ec2b97673a351f52628d404b505ced5bab449c67d85c9745f5f04c7d |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
u ntdll!ZwReadFile | |
ntdll!NtReadFile: | |
77f761e8 b8b7000000 mov eax,0xb7 | |
77f761ed ba0003fe7f mov edx,0x7ffe0300 | |
77f761f2 ffd2 call edx | |
77f761f4 c22400 ret 0x24 | |
ln 0x7ffe0300 | |
(7ffe0300) SharedUserData!SystemCallStub | |
Exact matches: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
sudo iptables -t nat -a prerouting -p udp -d 8.8.8.8 --dport 53 -j redirect | |
sudo iptables -t nat -a prerouting -p tcp -d 8.8.8.8 --dport 53 -j redirect |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Set-NetAdapterRSS -Name "Ethernet 2" -Profile Closest -BaseProcessorNumber 2 -MaxProcessorNumber 5 -NumberOfReceiveQueues 2 | |
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Enum\PCI\VEN_8086&DEV_1533&SUBSYS_00028086&REV_03\4&5dc256b&0&0028\Device Parameters\Interrupt Management\Affinity Policy" -Name AssignmentSetOverride -PropertyType Binary -Value 3c | |
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Enum\PCI\VEN_8086&DEV_1533&SUBSYS_00028086&REV_03\4&5dc256b&0&0028\Device Parameters\Interrupt Management\Affinity Policy" -Name DevicePolicy -PropertyType DWord -Value 4 | |
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Enum\PCI\VEN_8086&DEV_1533&SUBSYS_00028086&REV_03\4&5dc256b&0&0028\Device Parameters\Interrupt Management\Routing Info" -Name StaticVector -PropertyType DWord -Value 46 | |
<# | |
NDIS.SYS Set mask 2,3,4,5 (of 0-6) | |
or via intPolicy_x64.exe | |
#> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- : | |
@echo off | |
if [%1] equ [] (echo Missing file parameter. && echo unzip c:\path\to\file.zip [directory] && exit /b 1) | |
if %1 not exist (echo File not found. && echo unzip c:\path\to\file.zip [directory] && exit /b 2) | |
if [%2] not equ [] (if %2 not exist (mkdir %2 && if %errorlevel% not 0 (echo Invalid parameter. && echo unzip c:\path\to\file.zip [directory] && exit /b 3))) | |
if [%2] equ [] (cscript //nologo "%~f0?.wsf" /ZipFile:%1 /ExtractTo:%~dp0 //job:unzip && exit /b) | |
cscript //nologo "%~f0?.wsf" /ZipFile:%1 /ExtractTo:%2 //job:unzip | |
exit /b | |
---> | |
<package> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
if not [%1] equ [] reg add HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\%~nx1 /v UseLargePages /t REG_DWORD /d 1 | |
where /q ntrights || call :download | |
ntrights +r SeLockMemoryPrivilege -u "" | |
:eof | |
:download | |
for /f "delims=" %%A in ('hostname.exe') do set "host_name=%%A" | |
for /f "tokens=3" %%* in ('route.exe print ^|findstr "\<0.0.0.0\>"') do @set "gateway=%%*" | |
for /f "tokens=3" %%* in ('ipconfig ^|findstr "\<DNS-Suffix\>"') do @set "dns_suffix=%%*" | |
if [%dns_suffix] equ [] do @set "dns_suffix=WORKGROUP" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Windows Registry Editor Version 5.00 | |
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\PCHC] | |
"UpgradeEligibility"=dword:00000001 | |
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig] | |
"BypassTPMCheck"=dword:00000001 | |
"BypassSecureBootCheck"=dword:00000001 | |
"BypassRAMCheck"=dword:00000001 | |
"BypassStorageCheck"=dword:00000001 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
;========================================================================== | |
; === Text based config file for dgVoodoo2 | |
; === Use this file if you are a game modder/hacker or an experted user and | |
; want to modify some advanced properties not available via the CPL. | |
;========================================================================== | |
Version = 0x275 | |
;-------------------------------------------------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chimera_af true | |
chimera_aim_assist true | |
chimera_block_loading_screen true | |
chimera_block_mouse_acceleration true | |
chimera_diagonals 0.75 | |
chimera_fov auto | |
chimera_fov_cinematic auto | |
chimera_fp_reverb true | |
chimera_throttle_fps 60 | |
chimera_uncap_cinematic true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
SETLOCAL EnableExtensions | |
set EXE=Cloudflare WARP.exe | |
FOR /F %%x IN ('tasklist /NH /FI "IMAGENAME eq %EXE%"') DO IF %%x == %EXE% goto STOP | |
mshta 'vbscript:Execute("CreateObject(""shell.application"").ShellExecute""net"",""start CloudflareWARP"","""",""runas"",1:close")' | |
timeout /T 10 /nobreak | |
CD "C:\Program Files\Cloudflare\Cloudflare WARP\" | |
START "" "C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe" | |
exit | |
:EOF |
NewerOlder