mirror of
https://github.com/horsicq/Detect-It-Easy.git
synced 2026-06-24 01:54:08 +00:00
20 lines
No EOL
695 B
JavaScript
Executable file
20 lines
No EOL
695 B
JavaScript
Executable file
// Detect It Easy: detection rule file
|
|
// Author: horsicq <horsicq@gmail.com>
|
|
|
|
// https://en.wikipedia.org/wiki/AutoIt
|
|
meta("format", "AutoIt");
|
|
|
|
function detect() {
|
|
if (PE.isResourceNamePresent("SCRIPT")) {
|
|
sVersion = "3.XX";
|
|
bDetected = true;
|
|
} else if (PE.compareEP("e8$$$$$$$$8bff558bec83ec..a1........8365....8365....5357bf........bb........3bc774..85c374..f7d0") && PE.compareOverlay("a3484bbe986c4aa9")) {
|
|
sVersion = "3.XX";
|
|
bDetected = true;
|
|
} else if (PE.getVersionStringInfo("FileDescription") == "Compiled AutoIt Script") {
|
|
sVersion = PE.getFileVersionMS();
|
|
bDetected = true;
|
|
}
|
|
|
|
return result();
|
|
} |