From 9d4ef0beb90db8742281f1a7f4088844fc3b60cd Mon Sep 17 00:00:00 2001
From: Bart P <3075118+bartblaze@users.noreply.github.com>
Date: Tue, 13 Aug 2024 16:19:59 +0200
Subject: [PATCH] Update BroEx.yar

---
 rules/crimeware/BroEx.yar | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/crimeware/BroEx.yar b/rules/crimeware/BroEx.yar
index 6f8e18f..a3893f1 100644
--- a/rules/crimeware/BroEx.yar
+++ b/rules/crimeware/BroEx.yar
@@ -42,7 +42,7 @@ strings:
 	if (*(short *)param_2 != 0) {
 	pvVar1 = (void *)0xffffffffffffffff;
 	*/
-	$str_decode = { 4? 53 4? 83 ec 20 4? 33 c0 4? c7 41 18 07 00 00 00 4? 8b d9 4? 89 41 10 66 4? 89 01 66 4? 39 02 74 11 4? 83 c8 ff  }
+	$str_decode = {4? 53 4? 83 ec 20 4? 33 c0 4? c7 41 18 07 00 00 00 4? 8b d9 4? 89 41 10 66 4? 89 01 66 4? 39 02 74 11 4? 83 c8 ff}
 
 condition:
 	uint16(0) == 0x5a4d and ($pdb or 2 of ($mut*) or all of ($browser*)