diff --git a/malware4.pl b/malware4.pl
index 96fbbf0..5002737 100644
--- a/malware4.pl
+++ b/malware4.pl
@@ -29,6 +29,7 @@ my @regexen = (
     qr/<\?php\s+if\s+\(\!defined\(\'ALREADY\_RUN\_.+?define\(\'ALREADY\_RUN\_.+?eval\/\*i\*\/\(([A-z0-9]{1,20})\(\$([A-z0-9]{1,10})\,\s+\$([A-z0-9]{1,10})\)\)\;\s+\}/is,
     qr/<\?php\s+eval\(gzuncompress\(.+?\"\)\)\;/is,
     qr/<\?php.+?class\s+JApplication.+?new\s+JApplication\(array\s+\(\'UID\'\s+\=>\s+\'([A-z0-9]{1,20})\'\)\)\;/is,
+    qr/<\?php\s+\/\*\s+\@package\s+WordPress\s+\*\/\s+eval\(base64\_decode\(\@\$\_POST\[\"([A-z0-9]{1,20})\"\]\)\)\;\?>/is,
     );
 my @base64_decodes = (