Detect-It-Easy/db_extra/COM/packer_packers.2.sg

// Detect It Easy: detection rule file
// Author: hypn0 <hypn0@mail.ru>

meta("packer", "Packer");

function detect() {
    if (Binary.compare("bf....be....b9....fdf3a5fceb$$8bf7bf....adad8be8b2..e9")) {
        sOptions = "by B. Vorontsov";
        bDetected = true;
    } else if (Binary.compare("565056fd8bfc83ef..b9....be....f3a447ffe7")) {
        sOptions = "1997 by CyberWare";
        bDetected = true;
    } else if (Binary.compare("be....bd....558bce8d72..bf....d1e9fd57f3a58d75..fcf9bf....c3")) {
        sOptions = "1997 by JES //CORE";
        bDetected = true;
    } else if (Binary.compare("be....bd....558bce8d72..bf....d1e9fd57f3a58d75..fcf98bfdc3")) {
        sVersion = "1.2b";
        sOptions = "1997 by JES //CORE";
        bDetected = true;
    } else if (Binary.compare("508cc890ba....05....3b06....72..b4..ba....cd21b8....cd21")) {
        sOptions = "1996 by LostSoul";
        bDetected = true;
    }

    return result();
}