1 files changed, 2 insertions, 2 deletions
diff --git a/php-malware-finder/php.yar b/php-malware-finder/php.yar
index 029aaf9..de5b1f7 100644
--- a/php-malware-finder/php.yar
+++ b/php-malware-finder/php.yar
@@ -206,7 +206,7 @@ private rule IRC
        5 of them
 }
-private rule base64
+private rule b64
 {
    strings:
        $user_agent = "SFRUUF9VU0VSX0FHRU5UCg"
@@ -268,7 +268,7 @@ private rule strrev
 rule SuspiciousEncoding
 {
    condition:
-        (base64 or hex or strrev or Hpack) and not IsWhitelisted
+        (b64 or hex or strrev or Hpack) and not IsWhitelisted
 }
 rule DodgyStrings

diff --git a/php-malware-finder/php.yar b/php-malware-finder/php.yar index 029aaf9..de5b1f7 100644 --- a/php-malware-finder/php.yar +++ b/php-malware-finder/php.yar
@@ -206,7 +206,7 @@ private rule IRC
206	5 of them	206	5 of them
207	}	207	}
208		208
209	private rule base64	209	private rule b64
210	{	210	{
211	strings:	211	strings:
212	$user_agent = "SFRUUF9VU0VSX0FHRU5UCg"	212	$user_agent = "SFRUUF9VU0VSX0FHRU5UCg"
@@ -268,7 +268,7 @@ private rule strrev
268	rule SuspiciousEncoding	268	rule SuspiciousEncoding
269	{	269	{
270	condition:	270	condition:
271	(base64 or hex or strrev or Hpack) and not IsWhitelisted	271	(b64 or hex or strrev or Hpack) and not IsWhitelisted
272	}	272	}
273		273
274	rule DodgyStrings	274	rule DodgyStrings