mirror of
https://github.com/horsicq/Detect-It-Easy.git
synced 2026-06-24 01:54:08 +00:00
a7b081afa3
Detection rule files were renamed and reorganized to use more descriptive prefixes (e.g., compiler_, packer_, sfx_, etc.) for improved clarity and maintainability. Minor code formatting changes were made to some files, and a new detection rule for IBM VisualAge PL/I was added.
22 lines
No EOL
623 B
JavaScript
22 lines
No EOL
623 B
JavaScript
// Detect It Easy: detection rule file
|
|
// Author: hypn0 <hypn0@mail.ru>
|
|
|
|
meta("protector", "Protect Disc");
|
|
|
|
function detect() {
|
|
if (PE.compareEP("363e268ac060e8$$$$$$$$558bec83ec..b8........8b7d..2bf8e8")) {
|
|
sVersion = "9.11.0";
|
|
sOptions = "Build " + getBuild();
|
|
bDetected = true;
|
|
} else if (PE.compareEP("363e268ac060e8$$$$$$$$5f81ef........be........8b87........03c657568ca7")) {
|
|
sVersion = "7.5.3";
|
|
sOptions = "Build " + getBuild();
|
|
bDetected = true;
|
|
}
|
|
|
|
return result();
|
|
}
|
|
|
|
function getBuild() {
|
|
return PE.readDword(PE.getEntryPointOffset() + 0x3e);
|
|
} |