Add new file(s): 2025-11-14

2026-06-24 01:54:08 +00:00 · 2025-11-14 22:02:13 +01:00 · 2025-11-14 22:02:13 +01:00 · b92b043121
commit b92b043121
parent 610a7fd28a
7 changed files with 96 additions and 0 deletions
--- a/db/Binary/audio.PAT.sg
+++ b/db/Binary/audio.PAT.sg
@ -0,0 +1,12 @@
+// Detect It Easy: detection rule file
+// Author: BJNFNE <bjnfne@web.de>
+
+meta("audio", "PAT");
+
+function detect() {
+    if (Binary.compare("'PT'")) {
+        bDetected = true;
+    }
+
+    return result();
+}
--- a/db/Binary/bin.TRE.1.sg
+++ b/db/Binary/bin.TRE.1.sg
@ -0,0 +1,12 @@
+// Detect It Easy: detection rule file
+// Author: BJNFNE <bjnfne@web.de>
+
+meta("format", "TRE");
+
+function detect() {
+    if (Binary.compare("'ZblT'")) {
+        bDetected = true;
+    }
+
+    return result();
+}
--- a/db/Binary/font.BTF.1.sg
+++ b/db/Binary/font.BTF.1.sg
@ -0,0 +1,10 @@
+// Detect It Easy: detection rule file
+// Author: BJNFNE <bjnfne@web.de>
+
+meta("font", "BTF");
+
+function detect() {
+    bDetected = Binary.compare("'TNFB'");
+
+    return result();
+}
--- a/db/Binary/graphics.TFM.1.sg
+++ b/db/Binary/graphics.TFM.1.sg
@ -0,0 +1,12 @@
+// Detect It Easy: detection rule file
+// Author: BJNFNE <bjnfne@web.de>
+
+meta("graphics", "TFM");
+
+function detect() {
+    if (Binary.compare("'tfm'")) {
+        bDetected = true;
+    }
+
+    return result();
+}
--- a/db/PE/Py2exe.1.sg
+++ b/db/PE/Py2exe.1.sg
@ -0,0 +1,17 @@
+// Detect It Easy: detection rule file
+
+meta("packer", "py2exe");
+
+function detect() {
+    for (var i = 0; i < PE.getNumberOfResources(); i++) {
+        // py2exe magic number
+        if (PE.compare("12345678", PE.resource[i].Offset)) {
+            bDetected = true;
+            break;
+        }
+    }
+
+    sLang = "Python";
+
+    return result();
+}
--- a/db/PE/The_Best_Cryptor.2.sg
+++ b/db/PE/The_Best_Cryptor.2.sg
@ -0,0 +1,12 @@
+// Detect It Easy: detection rule file
+// Author: hypn0 <hypn0@mail.ru>
+
+meta("cryptor", "The Best Cryptor by FsK");
+
+function detect() {
+    if (PE.findSignature(PE.getSize() - 0x100, 0x100, "8b042483e8..68........ffd0b8........3d..............30..40eb..b8........3d..............30..40eb") != -1) {
+        bDetected = true;
+    }
+
+    return result();
+}
--- a/db/PE/UPX_Mutanter.2.sg
+++ b/db/PE/UPX_Mutanter.2.sg
@ -0,0 +1,21 @@
+// Made by KDSS-Research
+// Contact Me: koffidev365supp@gmail.com
+
+// Program name:
+// ----------------------
+// UPX Mutanter by AHTeam
+
+meta("tool", "UPX Mutanter");
+
+function detect() {
+    if (PE.compareEP("94 bc 61 62 4d 00 b9 .. 00 00 00 80 34 0c .. e2")) {
+        sOptions = "Method 2";
+        bDetected = true;
+    }
+    if (PE.compareEP("94 bc .. b9 4d 00 b9 .. 00 00 00 80 34 0c .. e2")) {
+        sOptions = "Method 1";
+        bDetected = true;
+    }
+
+    return result();
+}