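/*
 * testgen_dropper_strings
 *
 * String-count heuristic for files that begin with the "MZ" magic.
 * A file matches when it carries at least six of the nine listed strings
 * and the string "TESTING" occurs more than once.
 *
 * Several of the strings ($str_06, $str_07, $str_09) are also found in
 * benign Windows software, so the rule relies on the combination, not on
 * any single string.
 */
rule testgen_dropper_strings
{
    strings:
        // $str_01 is a prefix of $str_02: every $str_02 hit is also a $str_01
        // hit, so the pair is not independent evidence toward the "6 of"
        // threshold.
        // NOTE(review): no `wide` modifier is set, so only single-byte text
        // matches. The "Unicode" wording suggests the sample may store these
        // as UTF-16; confirm against the sample before adding `wide`.
        $str_01 = "Copyright 1995-2005 Test Unicode"
        $str_02 = "Copyright 1995-2005 Test Unicode2"

        // 65-character table resembling the standard Base64 alphabet plus the
        // "=" pad, but with "8" where "B" would be.
        $str_03 = "A8CDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="

        // The leading space is part of the pattern.
        $str_04 = " TESTGEN"
        $str_05 = "TESTING"

        // Registry path and public DNS resolver address; both are common in
        // legitimate software and are low-signal on their own.
        $str_06 = "SOFTWARE\\Clients\\Mail"
        $str_07 = "8.8.8.8"

        // The page showed one more character after the final backslash, but
        // it had been decoded to U+FFFD (replacement character) and the
        // original byte is not recoverable. Kept verbatim, the pattern would
        // search for the UTF-8 bytes of U+FFFD and would most likely never
        // match. The pattern now ends at the last recoverable character,
        // which matches a superset of the intended string.
        // TODO: restore the exact trailing byte(s) from the rule's original
        // source, preferably as a hex string.
        $str_08 = "<(:<\\Documents and Settings\\all users\\Application Data\\"

        $str_09 = "C:\\ProgramData\\Microsoft\\RAC\\"

    condition:
        // 0x5A4D read little-endian at offset 0 is the byte pair "MZ". This
        // checks only the DOS magic, not that a valid PE header follows.
        uint16(0) == 0x5A4D and
        // Because the last clause forces $str_05 to be present, this is
        // effectively "five of the other eight".
        6 of ($str*) and
        // "TESTING" must occur at least twice in the file.
        #str_05 > 1
}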