diff --git a/malware4.pl b/malware4.pl
index 8f097f3..5315e7b 100644
--- a/malware4.pl
+++ b/malware4.pl
@@ -79,6 +79,8 @@ my @regexen = (
     qr/<\?php\s+\/\*\*\s+WordPress.+?eval\(gz.+?\$x([A-z0-9]{1,10})\s+\,\"([0-9]{1,5})\"\)\;/is,
     qr/<\?php\s+\$noc\s+=\s+\".+?\$noc\[([0-9]{1,3})\]\.\$noc\[([0-9]{1,3})\]\.\$noc\[([0-9]{1,3})\]\.\$noc\[([0-9]{1,3})\].+?\$noc\[([0-9]{1,3})\]\.\$([A-z0-9]{1,10})\;\@\$([A-z0-9]{1,10})\(\$([A-z0-9]{1,10})\)\;\?>/is,
     qr/<\?php\s+\/\/function\s+M404\s+\(\)\{.+?\$strings\s+\=\s+explode\(\'\|\'\,\s+base64\_decode\(base64\_decode\(base64\_decode\(base64\_decode\(base64\_decode\(base64\_decode\(base64\_decode\(base64\_decode\(\$value\)\)\)\)\)\)\)\)\)\;.+?echo\s+\'\#\#\#\#\#\'\.\s+\$result\s+\.\s+\'\*\*\*\*\*\'\;\s+exit\;/is,
+	qr/<\?php\s+\$action\=\$\_REQUEST\[\'action\'\]\;\s+\/\/status.+?echo\s+\"File\s+does\s+not\s+exist\"\;\s+\}\s+\?>/is,
+    qr/<\?php\s+\$p\s+\=\s+\$\_REQUEST\[\"m\"\]\;\s+eval\(base64\_decode\(\$p\)\)\;\s+\?>/is,
 );
 my @base64_decodes = (