Thread: Exeinfo PE
  #29  
08-21-2013, 10:13
MistHill
ExeinfoPE v.0.0.3.4 Beta2 696 sign/Ext_Detector v.1.0.0

ReadMe.txt for ExeinfoPE
Code:
ExeinfoPE v.0.0.3.4 Beta2 696 sign - for Beta Tester only not for usage ( with NAG )

Total not tested version , possible nonSense diagnose !!! , many signatures modified

fixed :

- file scaner changed ( ex. VMProtect ) Faster scan 
- compiler detector - add Cygwin - detect console app
- fixed detection for 2 section dll    *generic check - Microsoft Visual C# / Basic.NET / MS Visual Basic 
- Fixed - inteli check : MINGW - Bloodshed Software ( www.bloodshed.net )
- StatWin GUI - MD5 copy to clip fixed
- Copy As .bak - close removed and .ext fixed / path
- Rename file - fixed path and txt 
- added detection for : Private exe Protector v.4.1.2
- rar ripper file names changed to Hex "XX-rip.rar"
- rar added pass info : NOT EXE - its archive - .RAR >  Used : [ Password needed - HEADER Crypted ]
- Export view fixed
- added : LE - Linear Executable ( VxD driver Win 3.x / Dos Ext. /  OS/2 ) - mixed 16/32 bit

and more

new sign :

681. InstallIQ - 2012-2013 InstallX, LLC  [ MS C++ v.xx ] - www.installiqlearnmore.com
682. ToolBelt Installer - www.?????.com - Microsoft Visual C++ 9.0 - Visual Studio 2008
683. ( UPX 3.x modified ) Softonic Downloader - PUA / Adware / Downware - www.softonic.com*
684. Google Installer  www.google.com -  Microsoft Visual C++ ver. 8.0 / Visual Studio 2005
685. Squeez Sqx Archive Selfextractor v.5.63 SQ5SFX overlay - www.speedproject.de/enu/support/updates.html ( Upx / not Upx )
686. Adobe Flash Player v11.x - www.adobe.com - Microsoft Visual C++ 9.0 - Visual Studio 2008 (E8)
687. FreeArc 0.5x -0.67 SFX stub - ovl .Arc Archive [ v0.xx ] - Dev-C++ / UPX stub
688. Tampared : Inno Setup -> [ '????' Setup v.5.1.13 ]
689. Logic Protect EXE Ceator 2.0.4 - www.logicprotect.com ( stub : Microsoft Visual C++ ver. 8.0 )
690. CodeWall 2010 v4.1.1.0 ( *trial .NET Protector ) - www.codewall.net - Microsoft Visual C# / Basic.NET
691. Private exe Protector v.4.1.2 (30.01.2013)  - www.setisoft.com
692. Private exe Protector v.4.1.2 *Trial- DLL - (30.01.2013)  - www.setisoft.com
693. Kaspersky AV Pack  ( exe/dll ) - www.kaspersky.com    *ACM
694. InstallAware DRM ( Trialware Creator )  Copyright 1998-2009 Softwrap Ltd.
695. [.NET source exe ] - InstallAware DRM ( Trialware Creator )  Copyright 1998-2009 Softwrap Ltd.
696. Themida/Winlicense v.2.1.0.0 ( std mode ) -> Oreans Technologies - www.oreans.com  *ACM

A.S.L.
Improved File Scanner. For example, VMProtect 2.09 and apps protected by Themida/Winlicense v.2.1.0.0 can now be identified.

ReadMe.txt for Ext_Detector
Code:
  ********************************************************
  *                                                      *
  *                Ext_Detector.dll                      *
  *                                                      *
  *      Non executable detector for Exeinfo Pe          *
  *                                                      *
  *      ver.1.0.0 - required Exeinfo v.0.0.3.1          *
  *                                                      *
  *               www.exeinfo.xwp.pl                     *
  *                                                      *
  *               2013.07.06 by A.S.L                    *
  *                                                      *
  *                freeware version                      *
  *                                                      *
  ********************************************************
...
exeinfope_v0034_Beta2_696.zip
Ext_Detector_v100.zip