diff --git a/malware5.pl b/malware5.pl
index 98ddce6..9b47a8f 100644
--- a/malware5.pl
+++ b/malware5.pl
@@ -390,6 +390,7 @@ my @regexen = (
 qr/<\?php\s+error\_reporting\(.+?\@include\(\$\_FILES\[\'u\'\]\[\'tmp\_name\'\]\)\;.+?header\(\"HTTP\/1\.0\s+404.+?exit\(\)\;\s+\}\s+\?>/is,
 qr/<\?php\s+\@assert\(\$\_POST\[\'([A-z0-9]{1,20})\'\]\)\;\?>/is,
 qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+array\(.+?array\(\'bas\'\s+\,\'e64\'\s+\,\'\_de\'\s+\,\'cod\'\s+\,\'e\'\)\;\s+\$([A-z0-9]{1,20})\s+\=\s+array\(\'gzun\'\,\s+\'comp\'\,\s+\'ress\'\)\s+\;\$.+?eval.+?\?>/is,
+ qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+array\(.+?array\(\'bas\'\s+\,\'e64\'\s+\,\'\_de\'\s+\,\'cod\'\s+\,\'e\'\)\;\s+\$([A-z0-9]{1,20})\s+\=\s+array\(\'gz\'\,\s+\'un\'\,\s+\'co\'\,\s+\'mp\'\,\s+\'re\'\,\s+\'ss\'\)\s+\;\$.+?eval.+?\?>/is,
 );
diff --git a/malwaresh.pl b/malwaresh.pl
index dab18c9..1dd7c73 100644
--- a/malwaresh.pl
+++ b/malwaresh.pl
@@ -873,6 +873,7 @@ my @regexen = (
 qr/<\?php\s+error\_reporting\(.+?\@include\(\$\_FILES\[\'u\'\]\[\'tmp\_name\'\]\)\;.+?header\(\"HTTP\/1\.0\s+404.+?exit\(\)\;\s+\}\s+\?>/is,
 qr/<\?php\s+\@assert\(\$\_POST\[\'([A-z0-9]{1,20})\'\]\)\;\?>/is,
 qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+array\(.+?array\(\'bas\'\s+\,\'e64\'\s+\,\'\_de\'\s+\,\'cod\'\s+\,\'e\'\)\;\s+\$([A-z0-9]{1,20})\s+\=\s+array\(\'gzun\'\,\s+\'comp\'\,\s+\'ress\'\)\s+\;\$.+?eval.+?\?>/is,
+ qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+array\(.+?array\(\'bas\'\s+\,\'e64\'\s+\,\'\_de\'\s+\,\'cod\'\s+\,\'e\'\)\;\s+\$([A-z0-9]{1,20})\s+\=\s+array\(\'gz\'\,\s+\'un\'\,\s+\'co\'\,\s+\'mp\'\,\s+\'re\'\,\s+\'ss\'\)\s+\;\$.+?eval.+?\?>/is,
 );
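Review bot: The signature added to `@regexen` repeats the preceding pattern in full and differs only in how the string `gzuncompress` is cut into array elements, so every further split of that name will need another near-identical line. One fragment-tolerant sub-pattern would cover this entry and the one above it: build it once with `my $gz = join q{(?:'\s*,\s*')?}, split //, 'gzuncompress';` and match the second array as `array\(\s*'$gz'\s*\)`. The copied class `[A-z0-9]` also takes in the punctuation between `Z` and `a`; `[A-Za-z0-9_]` states the intent. The identical line is added to `malwaresh.pl` in the second hunk, which suggests keeping the list in one shared file; the array itself starts outside both hunks.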