diff --git a/definitions/patterns_raw.txt b/definitions/patterns_raw.txt
index d9b3b73..f9dac5e 100644
--- a/definitions/patterns_raw.txt
+++ b/definitions/patterns_raw.txt
@@ -205,6 +205,7 @@ http://www.fopo.com.ar/
 @eval("\
 ";eval(
 eval(eval(
+@eval(`
 
 #Malware/Attack specific strings/fingerprints/signatures
 MagelangCyber
@@ -413,6 +414,10 @@ eval(rawurldecode('
 'ode', 'e64_', 'bas', 'dec'
 'unct', 'ion', 'te_f', 'crea'
 'te', 'g', 'nf', 'l', 'a', 'zi'
+'tion', 'e_func', 'creat'
+'64_d', 'se', 'eco', 'de', 'ba'
+'co', 'ki', 'e', 'o', 'set'
+'str', '_rep', 'lace'
 
 # process data from request object directly
 extract($_REQUEST) && @$