Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The detection of BAT to PE-EXE script-compilers. #761

Merged
merged 3 commits into from
May 5, 2020
Merged

The detection of BAT to PE-EXE script-compilers. #761

merged 3 commits into from
May 5, 2020

Conversation

tamaroth
Copy link
Contributor

@tamaroth tamaroth commented May 4, 2020

This pull request adds the detection of the following BAT to PE-EXE compilers:

These programs are not strictly compilers, they are quite difficult to categorise. They never compile the BAT to a VM or intermediate language, but rather the store the script file in the executable file (resources, read-only data, overlay, etc.) and execute them (by either dropping them to a file or seldomly directly from memory).

If required, I could change their categorization from Compiler to Packer, despite the fact they rarely use compression on the batch files.

The corresponding tests have been added to retdec-regression-tests.

@tamaroth
Add the detection of BAT2EXE script compiler from F2KO.
893cc06 
It's a simple BAT to PE-EXE script compiler from the German company F2KO.
@tamaroth
Add the detection of Advanced BAT to EXE Converter from BDargo Software.
05bfd2b 
It is yet another BAT to PE-EXE script compiler.
@tamaroth
Add the detection of ExeScript.
711171b 
It is a discontinued but still prevalent BAT script compiler to EXE form.
@tamaroth tamaroth requested a review from s3rvac May 4, 2020 12:21
@s3rvac
Copy link
Member

s3rvac commented May 5, 2020

Let's run TeamCity tests.

s3rvac
s3rvac approved these changes May 5, 2020
View reviewed changes
Copy link
Member

@s3rvac s3rvac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If required, I could change their categorization from Compiler to Packer, despite the fact they rarely use compression on the batch files.

The current categorization is fine by me. Thank you for adding the detection 👍

All tests are passing, so I am merging this.

@s3rvac s3rvac merged commit fab8f3e into master May 5, 2020
s3rvac added a commit that referenced this pull request May 5, 2020
@s3rvac
Add a CHANGELOG entry for #761.
54eb8be
@s3rvac s3rvac deleted the improvement-bat2exe-detection branch May 5, 2020 13:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@s3rvac s3rvac s3rvac approved these changes

Assignees

@s3rvac s3rvac

Labels
C-cpdetect enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tamaroth @s3rvac