mirrors/Detect-It-Easy
2
0
Fork 0
mirror of https://github.com/horsicq/Detect-It-Easy.git synced 2026-06-24 01:54:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
Detect-It-Easy/db/PE/ARM_Protector.2.sg
DosX 90fc9474d7 -
2024-11-12 20:11:38 +03:00

21 lines
No EOL
482 B
JavaScript
Raw Blame History

// Detect It Easy: detection rule file
init("protector", "ARM Protector");
function detect() {
if (PE.compareEP("E8040000008360EB0C5DEB05")) {
switch (PE.readDword(PE.nEP + 42)) {
case 0xAB3:
sVersion = "0.5";
break;
case 0xBA1:
sVersion = "0.6";
break;
default:
sVersion = "0.1b-0.3b";
}
bDetected = true;
}
return result();
}
Reference in a new issue View git blame Copy permalink