mirrors/Detect-It-Easy
2
0
Fork 0
mirror of https://github.com/horsicq/Detect-It-Easy.git synced 2026-06-24 01:54:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
Detect-It-Easy/db/PE/PeCompact.2.sg
hypn0chka 065d87125e Added version 2.20 and correct signature
2014-07-13 23:28:30 +06:00

71 lines
1.9 KiB
Text
Raw Permalink Blame History

// DIE's signature file
init("packer","PeCompact");
function detect(bShowType,bShowVersion,bShowOptions)
{
if(PE.compareEP("EB0668........C39C60BD........B902......B0908DBD........F3AA01AD........FFB5"))
{
sVersion="0.90-0.92";
bDetected=1;
}
else if(PE.compareEP("EB0668........C39C60E8........5D555881ED........2B85........0185........50B902"))
{
sVersion="0.94";
bDetected=1;
}
else if(PE.compareEP("EB$$9C60E8$$$$$$$$8BC483....938BE38B....81EB........87DD8B85........0185........66C785"))
{
sVersion="1.68-1.84";
bDetected=1;
}
else if(PE.compareEP("33C08BC483C004938BE38B5BFC81"))
{
sVersion="1.84";
bDetected=1;
}
else if(PE.compareEP("B8........05........5064FF350000000064892500000000CC90909090"))
{
sVersion="2.0 beta";
bDetected=1;
}
else if(PE.compareEP("B8........80002840"))
{
sVersion="2.x beta version";
bDetected=1;
}
else if(PE.compareEP("B8........5064FF..........6489..........33C089085045436F"))
{
sVersion="2.20";
bDetected=1;
}
else if(PE.compareEP("B8........5064FF35000000006489250000000033C08908'PEC'"))
{
sVersion="2.X";
if(PE.compareEP("32",27))
{
sOptions="Slim Loader";
}
bDetected=1;
}
else if(PE.compareEP("B8........5553515756528D98........8B5318528BE86A406800100000FF7304"))
{
sVersion="2.53-2.76";
bDetected=1;
}
else if(PE.isNET())
{
if(PE.isSignaturePresent(0,512,"00'PEC2XO'000000000000..0000..'.rsrc'00"))
{
sVersion="2.X-3.X";
bDetected=1;
}
else if(PE.isSignatureInSectionPresent(0,"'mscoree.dll'000000'CorBindToRuntimeEx'"))
{
sVersion="2.X-3.X";
bDetected=1;
}
}
return result(bShowType,bShowVersion,bShowOptions);
}
Reference in a new issue View git blame Copy permalink