mirror of
https://github.com/horsicq/Detect-It-Easy.git
synced 2026-06-24 01:54:08 +00:00
16 lines
No EOL
451 B
JavaScript
Executable file
16 lines
No EOL
451 B
JavaScript
Executable file
// Detect It Easy: detection rule file
|
|
// Author: hypn0 <hypn0@mail.ru>
|
|
|
|
init("protector", "com-crypt");
|
|
|
|
function detect() {
|
|
if (Binary.compare("b8....ffe0")) {
|
|
sOffset = Binary.readWord(1);
|
|
if (Binary.compare("5756bf....b8....abb8....abb0..aa89feb9....31dbad01c329cb89d8abe2", sOffset - 0x100)) {
|
|
sOptions = "by BlackLight, MANtiCORE";
|
|
bDetected = true;
|
|
}
|
|
}
|
|
|
|
return result();
|
|
} |