mirrors/Detect-It-Easy
2
0
Fork 0
mirror of https://github.com/horsicq/Detect-It-Easy.git synced 2026-06-24 01:54:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
Detect-It-Easy/db/PE/installer_CreateInstall.1.sg
Benjamin Funke 0b2f054553 add references to PE signatures
2026-06-21 17:54:53 +02:00

24 lines
No EOL
918 B
JavaScript
Executable file
Raw Blame History

// Detect It Easy: detection rule file
// Author: horsicq <horsicq@gmail.com>
// https://www.createinstall.com/
meta("installer", "CreateInstall");
function detect() {
if (PE.compareEP("558BEC81EC200200005356576A00FF15........68........894508FF15........85C074276A00A1........50FF15")) {
bDetected = true;
} else if (PE.compareEP("81EC0C0400005356575568605040006A016A00FF15........8BF0FF15........3DB7000000750F56FF15")) {
if (PE.compareOverlay("02060a0405fd59")) {
sVersion = "2003.3.5";
bDetected = true;
}
} else if (PE.compareOverlay("'aWAW'")) {
if (PE.compareEP("64a1........558bec6a..68........68........50648925........83ec..5356578965..ff15")) {
bDetected = true;
} else if (PE.compareEP("68........ff15........0bc074..e8")) {
bDetected = true;
}
}
return result();
}
Reference in a new issue View git blame Copy permalink