mirror of
https://github.com/horsicq/Detect-It-Easy.git
synced 2026-06-24 01:54:08 +00:00
136 lines
No EOL
5.3 KiB
JavaScript
Executable file
136 lines
No EOL
5.3 KiB
JavaScript
Executable file
// Detect It Easy: detection rule file
|
|
// Author: hypn0 <hypn0@mail.ru>
|
|
|
|
init("protector", "PROTECT! EXE");
|
|
|
|
function detect() {
|
|
/*
|
|
if (MSDOS.findSignature(0, MSDOS.getSize(), "0c02e9......e421e9......88e0..........eb....e621e9......88c4........e9......e621eb") != -1) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.findSignature(0, MSDOS.getSize(), "e42150e9......e621e9......58e621e9......b0ffeb") != -1) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else */
|
|
if (MSDOS.compareEP("1e0e0e1f07bd")) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1e0e0e071fbb")) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1e0e0e1f07ba")) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1e0e0e1f07bb")) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1e0e0e1f07bf")) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1e0e0e1f07be")) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1e0e0e1f07e8")) {
|
|
sVersion = "5.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("0e071e0e1fbf")) {
|
|
sVersion = "4.1";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("0e071e0e1fba")) {
|
|
sVersion = "4.1";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("0e071e0e1fbd")) {
|
|
sVersion = "4.1";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("0e071e0e1fbe")) {
|
|
sVersion = "4.1";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("0e071e0e1fbb")) {
|
|
sVersion = "4.1";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd1e2efe......81c5")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd8a....80....1E80")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd1e........0e07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd1e....0e0e80de..88f6")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd1e..................0e070e1f")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd1e..................0e0e....071f")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd....................1e............0e0e07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("..................1efc..........0e........................................1f0e....07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("....fc1e0e0e1f07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1efd2efe")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fd1e0e070e1f26fe")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("2ea3....8cd82ea3....8cc82ea3....2e892e....33c08ec0fafc26a1....2ea3....26a1")) {
|
|
sVersion = "3.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("e8$$$$1e068cc88ed88ec02ec606")) {
|
|
sVersion = "1.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("8cd805....50b8....501e068cda83c2..b9....be....0e1fad8bd8ad03c28ec0260117e2")) {
|
|
sOptions = "relocpacker";
|
|
sVersion = "1.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1eb430cd213c..73..cd20be....e8....e8")) {
|
|
sVersion = "6.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("2ea3....8cd82ea3....8cc82ea3....2e892e....33c08ed8fafcbe....0e07")) {
|
|
sVersion = "3.1";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("8cdb0e0e1f07b9....e800005e81c6....89f7ac34..aae2")) {
|
|
sVersion = "4.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("80ed..80e9..80c5..31c5fd1e2efe0e....0e0a2b3a0f80d9")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("1e124d..fd32c901cf0e33ff13fe85cf0e")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("19da22b1....19ea22b7....3af33af780ea..30de23f933f91290....b6..fc1e")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("00d6fc1e2efe0e....2ad70e1f80f2..80ce..3a8f....0e2a08")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fc1e2efe......80ce..1a3588ea0e....1f0e07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fc1e....0e1f0e07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fc1e......................0e1f0e07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("fc1e........................................0e1f0e07")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("e8$$$$1e068cc88ed88ec0be....8bfeb9....ac")) {
|
|
sVersion = "2.0";
|
|
bDetected = true;
|
|
} else if (MSDOS.compareEP("5053515657061e0e1f8ccb2e011e....81eb....b9")) {
|
|
sVersion = "5.5";
|
|
bDetected = true;
|
|
}
|
|
|
|
return result();
|
|
} |