mirror of
https://github.com/horsicq/Detect-It-Easy.git
synced 2026-06-24 01:54:08 +00:00
21 lines
No EOL
590 B
JavaScript
Executable file
21 lines
No EOL
590 B
JavaScript
Executable file
// Detect It Easy: detection rule file
|
|
// Author: horsicq <horsicq@gmail.com>
|
|
|
|
meta("library", "Java");
|
|
|
|
function detect() {
|
|
if (PE.getOverlaySize() > 0x40) {
|
|
if (PE.findString(PE.getOverlayOffset(), 0x40, "META-INF/MANIFEST.MF") != -1) {
|
|
var nResSection = PE.getResourceSection();
|
|
if (nResSection != -1) {
|
|
if (PE.isSignatureInSectionPresent(nResSection, "'Java Runtime Environment'")) {
|
|
bDetected = true;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
sLang = "Java";
|
|
|
|
return result();
|
|
} |