mirrors/Detect-It-Easy
2
0
Fork 0
mirror of https://github.com/horsicq/Detect-It-Easy.git synced 2026-06-24 01:54:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
Detect-It-Easy/db/MSDOS/EXEPACK.2.sg
DosX 90fc9474d7 -
2024-11-12 20:11:38 +03:00

57 lines
No EOL
2 KiB
JavaScript
Executable file
Raw Blame History

// Detect It Easy: detection rule file
init("packer", "EXEPACK");
function detect() {
if (MSDOS.compareEP("8cc005....0e1fa3....0306....8ec08b0e....8bf94f8bf7fdf3a4")) {
switch ((MSDOS.readByte(18) << 8) | MSDOS.readByte(20)) {
case 0x0010:
sVersion = "3.65";
break;
case 0x9910:
sVersion = "4.00";
break;
case 0x1510:
sVersion = "4.03";
break;
case 0x0012:
case 0x0112:
sVersion = "4.06";
break;
case 0x0014:
case 0x2d10:
case 0x7c10:
sVersion = "4.00 - 4.06";
break;
case 0x8410:
sVersion = "4.0x (possibly)";
break;
}
bDetected = true;
} else if (MSDOS.compareEP("428cc005....0e1fa3....0306....8ec08b0e....8bf94f8bf7fdf3a4")) {
if (MSDOS.readByte(18) == 0x00 && MSDOS.readByte(20) == 0x10) {
sVersion = "3.65";
}
bDetected = true;
} else if (MSDOS.compareEP("..52428be88cc005....0e1fa3....0306....8ec0..0e....8bf94f8bf7fdf3a4")) {
if (MSDOS.readByte(18) == 0x00 && MSDOS.readByte(20) == 0x10) {
sVersion = "3.65";
}
bDetected = true;
} else if (MSDOS.compareEP("8be88cc0......0e1fa3....0306....8ec08b0e........4f8bf7fdf3a4")) {
if (MSDOS.readByte(20) == 0x10) {
sVersion = "3.69";
} else if (MSDOS.readByte(18) == 0x00 && MSDOS.readByte(20) == 0x12) {
sVersion = "5.31.009";
}
bDetected = true;
} else if (MSDOS.compareEP("8be88cc0......0e1fa3....0306....06b8....06008b....8bf7fdf3a450b8....50cb")) {
sVersion = "5.31.009";
bDetected = true;
} else if (MSDOS.compareEP("8bc6f7d0d3e88cda2bd073..8cd82bd2d3e003f08eda8bc7")) {
sVersion = "3.65";
bDetected = true;
}
return result();
}
Reference in a new issue View git blame Copy permalink