Detect-It-Easy/db/Binary/format_bin.WindowsIconCacheDB.1.sg

// Detect It Easy: detection rule file
// Author: Arjan Onwezen

meta("format", "Windows IconCacheDB");

function detect() {
    if (Binary.getSize() >= 20) {
        if (Binary.compare("..000000'Win4'")) {
            bDetected = true;
            switch (Binary.read_uint16(12)) {
                case 6000: sOption("Vista (Build 6000)"); break;
                case 6001: sOption("Vista (Build 6001)"); break;
                case 7600: sOption("Windows 7 (Build 7600)"); break;
                case 7601: sOption("Windows 7 (Build 6701)"); break;
                case 10586: sOption("Windows 10 (Build 10586)"); break;
                default: sOption("Unknown version");
            }
        }
    }

    return result();
}