It can do pretty much everything for desktop apps. It was used for a loader
e850959e1000f5dd32f593a6204602e7_mpgh.net.zip
dump.sql ?
Just looked at this to see what it was, just a heads up:
- Your API has include vulnerabilities since none of your require lines that come from GET/POST vars are checked and sanitized.
- avatar.php has a MySQL injection.
- getid.php has a MySQL injection.