From 354f075647d98ff0ad0daf1d358282451baa8418 Mon Sep 17 00:00:00 2001
From: Kendell R
Date: Sun, 2 Jun 2024 15:39:30 -0700
Subject: [PATCH] asterisk rat
---
 src/lib/analysis/runAnalysis.ts | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/lib/analysis/runAnalysis.ts b/src/lib/analysis/runAnalysis.ts
index c76bb91..f1d6ef9 100644
--- a/src/lib/analysis/runAnalysis.ts
+++ b/src/lib/analysis/runAnalysis.ts
@@ -40,6 +40,7 @@ const prescan = (zip: JSZip & JSZip.JSZipObject, files: string[], state: Analysi
 { name: "Kodeine", pattern: "a/b/c/d" },
 { name: "Yoink", pattern: "net/jodah/typetools" },
 { name: "CustomPayload Normal", pattern: "me/custompayload/normal" },
+ { name: "Asterisk", pattern: "me/ghosty/notarat" },
 { name: "SBFT", pattern: "com/sbft" },
 { name: "MacroMod", pattern: "com/macromod" },
 { name: "Quanity", pattern: "com/quantiy" },
@@ -75,6 +76,9 @@ const scan = (file: string, contents: string, state: Analysis) => {
 initialFind: { searchString: "branchlock", isRegex: true },
 };
 }
+ if (contents.includes("Sta* ckT*ra")) {
+ state.obfuscation["Obfuscator Asterisk"] = { file };
+ }
 if (
 contents.includes("nothing_to_see_here") ||
 contents.includes("thisIsAInsaneEncryptionMethod") ||
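Review bot: The new `{ name: "Asterisk", pattern: "me/ghosty/notarat" }` entry has no record of where the indicator was observed, and the same applies to the string check added in the `scan` hunk. A short comment above the entry, for example `// Asterisk RAT: package path observed in sample <SAMPLE_SHA256_PLACEHOLDER>`, would let a later maintainer re-verify or retire the signature. The entry appears to key on a package path alone, which is a weak indicator if the classes are relocated, so the comment should say whether it is meant as a standalone verdict or a hint. The surrounding array starts and ends outside the hunk, so how `pattern` is matched is not visible here.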
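Review bot: `contents.includes("Sta* ckT*ra")` in `scan` is a literal substring test, so the asterisks and the space are matched exactly as written and never act as wildcards. If that exact constant is what the tool leaves in class files, say so in a comment such as `// literal marker string, not a glob or regex`; if a loose match was intended, this check will not fire. The branchlock entry just above records an `initialFind`, while the new one stores only `{ file }`; adding `initialFind: { searchString: "Sta* ckT*ra", isRegex: false }` would keep the entries parallel, assuming consumers read that field. The key `"Obfuscator Asterisk"` labels as an obfuscator what the commit subject and the prescan entry call a RAT, which may mislead triage. The `scan` body continues beyond the hunk.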