rule windowsmalware{
meta:
description = "Windows malware"
strings:
$s = "Software\\Microsoft\\Windows\\CurrentVersion\\Run"
condition:
$s
}rule windowsmalware{
meta:
description = "Windows malware"
strings:
$s = "Software\\Microsoft\\Windows\\CurrentVersion\\Run"
condition:
$s
}