Detect-It-Easy/db/PE/format_AutoHotKey.3.sg

// Detect It Easy: detection rule file

meta("format", "Compiled AutoHotKey");

function detect() {
    if (PE.resource[">AUTOHOTKEY SCRIPT<"]) {
        sVersion = PE.getFileVersion();
        bDetected = true;
    } else {
        var sManifest = PE.getManifest();

        if (sManifest.indexOf("AutoHotkey") !== -1 && // First, we look for a substring to save processor cycles
            sManifest.match(/(\n?)<assemblyIdentity.*?(\n?).*version(.*?)(\n?)name=\"AutoHotkey\"/)) {
            aVersion = sManifest.match(/version=\"(.*?)\" ?name=\"AutoHotkey/);
            sVersion = aVersion[1];
            bDetected = true;
        }
    }

    return result();
}