@@ -43,6 +43,11 @@ symbols = { | |||
description = "Encrypted archive in a message"; | |||
one_shot = true; | |||
} | |||
"MIME_OBFUSCATED_ARCHIVE" { | |||
weight = 8.0; | |||
description = "Archive has files with clear obfuscation signs"; | |||
one_shot = true; | |||
} | |||
"MIME_EXE_IN_GEN_SPLIT_RAR" { | |||
weight = 5.0; | |||
description = "EXE file in RAR archive with generic split extension (e.g. .001)"; |