Rename multiple database entries to include explicit category prefixes for clarity. Files in db/Amiga were renamed to use compiler_, cruncher_, font_, and sfx_ prefixes; files in db_extra/PE were renamed to use installer_, protector_, and sfx_ prefixes. All changes are pure renames (100% similarity) with no content modifications.
Apply minor code-style adjustments and a variable rename for clarity. Added spaces after '//' in several comments (PKZIP-SFX, RAR-SFX, installer_instyler) to improve readability. In protector_PE-Shield, rename peAnakinSection to anakin98Section and update references to match the actual section name; this is a non-functional rename to make the code more consistent.
Move PKZIP-SFX and RAR-SFX detection rules from db_extra/LX to db/LX and add reference URLs. Normalize the installer name capitalization by changing "instyler" to "Instyler" in db/Binary/data_overlays.6.sg (sName) and in the installer rule meta("installer", "Instyler"). No functional behavior changes aside from metadata and comment updates.
Normalize whitespace and formatting across multiple db/*.sg detection scripts: reindent code blocks, consolidate var declarations, reflow conditional expressions and comments, add missing trailing newlines, and standardize a version string to "2.71.X". Updated files include db/Binary/audio.AIFF.1.sg, db/PE/packer_RLPack.2.sg, db/PE/players.1.sg, db/PE/protector_PE-Shield.2.sg, db/PE/sfx_LZH_SFX.1.sg, db/PE/sfx_Zip_SFX.2.sg, db_extra/LX/PKZIP-SFX.1.sg, db_extra/LX/RAR-SFX.1.sg, db_extra/PE/ARDI-SFX.1.sg, db_extra/PE/installer_TInstall.1.sg, and db_extra/PE/installer_instyler.1.sg. These are primarily non-functional formatting changes; no logic alterations were intended except the noted version string normalization.
Adjust indentation of sOptions and bDetected assignments in db_extra/PE/ARDI-SFX.1.sg so they are correctly nested under their respective if branches (for the 2002 and 1999 signatures). This is a whitespace-only change and does not alter logic.
Rename several MSDOS database files to add category prefixes and reorganize one entry into db_extra. No content changes (100% similarity); this is a file-structure cleanup to make types explicit:
- db/MSDOS/Power_C.4.sg -> db/MSDOS/compiler_Power_C.4.sg
- db/MSDOS/CauseWay_DOS_Extender.0a.sg -> db/MSDOS/extender_CauseWay_DOS_Extender.6.sg
- db/MSDOS/Copy_Protector.2.sg -> db/MSDOS/protector_Copy_Protector.2.sg
- db/MSDOS/Copylock_PC.1.sg -> db/MSDOS/protector_Copylock_PC.2.sg
- db/MSDOS/FCP_IV.2.sg -> db_extra/MSDOS/packer_FCP_IV.2.sg
Use File.cleanString on the regex matches for sName and sVersion to sanitize extracted values. Replace the simple null check with a stricter condition (truthy and length < 32) so only valid, reasonably sized version strings mark the PE detection as true, reducing false positives.
Renamed and reorganized numerous rule files in db/PE and db/MSDOS to use consistent prefixes (e.g., compiler_, installer_, packer_, etc.) and moved some files to db_extra. Also deleted the obsolete IBM_VisualAge_PL_I.6.sg file. This improves maintainability and clarity of the rule database.
Renamed and moved numerous .sg files in the db directory to follow a more consistent naming convention and directory structure, grouping by type (e.g., compiler, cruncher, packer, protector, etc.). This improves maintainability and clarity of the signature database organization.
Detection rule files were renamed and reorganized to use more descriptive prefixes (e.g., compiler_, packer_, sfx_, etc.) for improved clarity and maintainability. Minor code formatting changes were made to some files, and a new detection rule for IBM VisualAge PL/I was added.
Renamed numerous db_extra/PE and db/Binary rule files to use consistent prefixes (e.g., cryptor_, protector_, installer_, etc.) for improved organization and clarity. Minor metadata and whitespace adjustments were made in a few files to match naming conventions.
Renamed and moved several PE detection rule files to /db_extra/. Minor comment updates were made in Sepanta.1.sg and PyInstallerHider.1.sg to standardize file headers and improve clarity.
Renamed and reorganized numerous database files across APK, DEX, ELF, PE, and other directories to use consistent prefixes such as 'library_', 'protector_', 'packer_', 'cryptor_', 'tool_', and similar. This improves clarity, maintainability, and categorization of the database entries.
Updated multiple PE detection rule files to use a consistent header format: '// Detect It Easy: detection rule file' and standardized author attribution. This improves clarity and maintainability across the rule database.
Added detection signatures for PwdProtect and ID Application packers in the heuristic analysis script. Renamed 'TheHypers protector.2.sg' to 'TheHypers.2.sg'.
PwdProtect.2.sg was moved from db/PE to db_extra/PE. Also, the sOptions value in bin.XBE.1.sg was updated from 'Unsigned' to 'unsigned' for consistency.
Replaces the old NetShieldProtector.2.sg rule with a new NetShield.2.sg detection rule, simplifying detection logic. Also moves Box_Stub.1.sg from db/PE to db_extra/PE for better organization.
Improved MinGW PE detection by checking '.eh_frame' section characteristics. Moved ADS_Self_Extractor.1.sg, Box_Stub.1.sg, and DirTy CrYpt0r.2.sg to db_extra/PE/ and normalized the filename for DirTy CrYpt0r. Minor formatting changes in bin.BSP.1.sg and bin.HNM.1.sg.
Updated detection logic and signatures for several PE rule scripts, improving accuracy and maintainability. Notable changes include refactoring detection conditions, updating string and section checks, and moving the Win9x.CIH virus rule to a more descriptive location with improved metadata.
Added a null check for the .rsrc section in OxiJoiner.2.sg to prevent errors if the section is missing. Also renamed 'Anslym Crypter.2.sg' to 'Anslym_Crypter.2.sg' for consistency.
Streamlined switch-case statements in several detection scripts for improved readability and maintainability. Updated version formatting and metadata in Fish_PE.2.sg and SfxCA.1.sg. Moved O'Setup95.1.sg to db_extra/PE and changed its file mode to 100644.
Introduces a new detection script for QQProtect in the PE resource section. The rule checks for the presence of the 'QQPROTECT' resource name to identify protected files.
Updated version strings to remove redundant 'v' prefixes and ensure consistent formatting across all detection cases. Also improved detection logic by updating the assignment to bDetected to account for sOptions.
Enhanced metadata and detection logic for GoldSrc, Intel IPP, Jar2Exe, MPQ, MSLRH, and NTPacker signature files. Added or updated URLs, improved detection accuracy, and clarified library/protector names. Also moved Native_UD_Packer.2.sg to db_extra/PE directory.
Updated comments and logic in Alcatraz.2.sg, DMD.4.sg, FSG.2.sg, and eXPressor.2.sg for clarity and consistency. Moved TrueCrypt-VeraCrypt_installer.1.sg from db/PE to db_extra/PE, with minor code and metadata adjustments.
