From fd5b7fb6aaeeed28238770e22aed8f801f3b92fe Mon Sep 17 00:00:00 2001
From: theMiddleBlue <menin.andrea@gmail.com>
Date: Tue, 23 Apr 2024 16:47:28 +0200
Subject: [PATCH] fix: replace matcher type with regex

---
 network/c2/xtremerat-trojan.yaml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/network/c2/xtremerat-trojan.yaml b/network/c2/xtremerat-trojan.yaml
index 7a315de265..dc51d18180 100644
--- a/network/c2/xtremerat-trojan.yaml
+++ b/network/c2/xtremerat-trojan.yaml
@@ -25,8 +25,7 @@ tcp:
     read-size: 1024
 
     matchers:
-      - type: word
-        encoding: hex
-        words:
-          - "58"
+      - type: regex
+        regex:
+          - "^X$"
 # digest: 4a0a0047304502206fa95ec595a2933ca08a0326dbce0d411afd01de4b65c0c060b9d1317264e96e022100a648393498fd3a99b1aec95f74372fc476d2e484933f438b68468bc6efa642d4:922c64590222798bb761d5b6d8e72950
\ No newline at end of file