mirror of
https://github.com/horsicq/Detect-It-Easy.git
synced 2026-06-24 01:54:08 +00:00
Rename and reorganize multiple MSDOS rule files into categorized names (compiler_*, converter_*, debug_data_*, protector_*). Add sLang="C" to Aztec C detection, adjust Borland TDS meta key to "debug data" and tweak its description. Improve PE generic heuristic whitelist with many new/expanded regexes for dates, versions, GUIDs/hashes, naming conventions, platform identifiers and product/package tokens. Update author/attribution comments for several PE cryptor/compiler rules to DosX, and fix detection logic in Duals eXe Encryptor by marking bDetected earlier. Miscellaneous formatting and comment cleanups.
16 lines
No EOL
414 B
JavaScript
// Detect It Easy: detection rule file
// Author: hypn0 <hypn0@mail.ru>

meta("compiler", "Concurrent Small C");

function detect() {
    if (MSDOS.compareEP("b8....8ed826a1....2d....80fc..72..9090b8....b1..d3e0fa8cdb8ed38be050fbb8....2d....d3e08bd8fec7fec73b..72..9090")) {
        sVersion = "1.0";
        sOptions = "1996 by Andy Yuen";
        bDetected = true;
    }

    sLang = "C";

    return result();
}