Clarify detection scope in comment

Update comment to explicitly state the heuristic detects encrypted PE files in resources, sections, and overlay via KPA (Known Plaintext Attack). This is a documentation-only change to clarify detection scope; no functional code changes.
DosX 2026-06-19 17:52:58 +03:00
commit 88548b7a0b


@ -7779,7 +7779,7 @@ function scanForMaliciousCode_NET_and_Native() {
// Detect encrypted PE files in the resource section AND overlay via KPA (Known Plaintext Attack)
// Detect encrypted PE files in resources, sections AND overlay via KPA (Known Plaintext Attack)
// Supports MULTIPLE algorithms (XOR, XNOR, ADD, SUB, SUB-REV) and key lengths up to 20 bytes
var isEncPePresent = false;
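Review bot: the reworded first comment line now claims coverage of "sections", but nothing visible in this hunk shows a section scan, so a reader cannot verify from here that the code under `var isEncPePresent = false;` walks sections as well as resources and the overlay. Please confirm the scan covers all three, or point the comment at the code that handles sections. While touching this line, the capitalised "AND" reads oddly after the new comma list; "resources, sections, and overlay", as written in the commit message, would be clearer. It would also help to say which known plaintext the KPA relies on, since the following line documents the algorithms and the 20-byte key limit but not that.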