From ec8f9920bac993e08a7e4047b44e0a0f623ce1ee Mon Sep 17 00:00:00 2001
From: Alda Vigdis Skarphedinsdottir
 <191583+aldavigdis@users.noreply.github.com>
Date: Tue, 17 Nov 2020 03:34:21 +0100
Subject: [PATCH] Adding definitions based on recent code injection

---
 definitions/patterns_raw.txt | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/definitions/patterns_raw.txt b/definitions/patterns_raw.txt
index 8f62ca1..7ab23a8 100644
--- a/definitions/patterns_raw.txt
+++ b/definitions/patterns_raw.txt
@@ -201,6 +201,7 @@ eval(base64_decode(
 $data = base64_decode("
 edoced_46esab
 base=base64_encode
+'b'.'ase6'.'4_e'.'ncode'
 cr"."eat"."e_fun"."cti"."on
 gz'.'inf'.'late
 # fopo.com.ar - free online php obfuscator. It conveniently leaves comments in the code.
@@ -260,6 +261,9 @@ itsoknoproblembro
 tmhapbzcerff
 IndoXploit
 FaisaL Ahmed aka rEd X
+smisbot
+smotherbot
+Indonesian Hacker Rulez
 
 # WP-VCD Malware https://www.getastra.com/blog/911/how-to-fix-wp-vcd-backdoor-hack-in-wordpress-functions-php/
 wp-vcd