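/*
 * Matching an MD5 using a regex: flags content that contains the literal
 * label "md5: " followed by a 32-character hexadecimal digest.
 */
rule regex_ftw
{
    meta:
        author = "sir"
        date = "20110429"
        type = "MD5"
        description = "Found an MD5"
        trigger = "true"

    strings:
        // An MD5 digest is 32 hex digits. The previous class [0-9a-zA-Z] also
        // accepted g-z / G-Z, so any 32-character alphanumeric run after the
        // label was reported as an MD5.
        // The label and its single space are matched case-sensitively and as
        // ASCII only (no nocase / wide modifier is set).
        // There is no trailing boundary: a longer hex string after the label
        // (e.g. a SHA-1 or SHA-256 digest) still matches on its first 32
        // characters.
        $a = /md5: [0-9a-fA-F]{32}/

    condition:
        $a
}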