ditekshen / detection

Detection in the form of Yara, Snort and ClamAV signatures.

Possible typo in MALWARE_Linux_RansomExx #17

Closed PeterMatula closed 11 months ago

PeterMatula commented 11 months ago

I was randomly browsing your malware rules when my eyes landed on the MALWARE_Linux_RansomExx condition. It says 5 of ($s*) or 6 of ($s*), which does not make sense to me. From the context I would guess it should be something like: 5 of ($s*) or 6 of ($c*). I would make a PR, but I'm not really sure if I'm guessing right.

ditekshen commented 11 months ago

Thanks! It should have been 5 of ($c*) or 6 of ($s*). It's fixed in https://github.com/ditekshen/detection/commit/0519f0af59045d5a7e1049f416903e9db2da2c8a.
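The mistake discussed in this thread can be caught mechanically: in `5 of ($s*) or 6 of ($s*)` the second clause is implied by the first, and the `$c*` set never influences the match. The following lint is an added example, not code from the repository or from either commenter. The sample rule, its string names, values and counts, and the `lint_rule` helper are constructed for illustration, and the parser is regex-based and handles a single rule without comments.

```python
import re

# Constructed sample, NOT the repository's rule: names and values are placeholders.
SAMPLE_RULE = r'''
rule Constructed_Example {
    strings:
        $s1 = "alpha" ascii
        $s2 = "bravo" ascii
        $s3 = "charlie" ascii
        $s4 = "delta" ascii
        $s5 = "echo" ascii
        $s6 = "foxtrot" ascii
        $c1 = "golf" ascii
        $c2 = "hotel" ascii
        $c3 = "india" ascii
        $c4 = "juliett" ascii
        $c5 = "kilo" ascii
    condition:
        5 of ($s*) or 6 of ($s*)
}
'''

def lint_rule(text):
    """Return findings about how the condition uses each declared string set."""
    head, _, cond = text.partition("condition:")
    body = head.partition("strings:")[2]
    # Count declared identifiers per alphabetic prefix: $s1..$s6 -> {"s": 6}
    declared = {}
    for m in re.finditer(r"^\s*\$([A-Za-z_]+)\d*\s*=", body, re.M):
        declared[m.group(1)] = declared.get(m.group(1), 0) + 1
    # Collect every "N of ($prefix*)" clause in the condition
    clauses = {}
    for n, prefix in re.findall(r"(\d+)\s+of\s+\(\s*\$([A-Za-z_]+)\*\s*\)", cond):
        clauses.setdefault(prefix, []).append(int(n))
    uses_them = re.search(r"\bthem\b", cond) is not None  # "any of them" covers all sets
    findings = []
    for prefix, count in sorted(declared.items()):
        referenced = uses_them or re.search(r"[$#@!]%s(?![A-Za-z_])" % re.escape(prefix), cond)
        if not referenced:
            findings.append(("unused", prefix))        # set never affects the match
        thresholds = clauses.get(prefix, [])
        if len(thresholds) > 1:
            findings.append(("repeated", prefix))      # one threshold subsumes the other
        if any(n > count for n in thresholds):
            findings.append(("unreachable", prefix))   # asks for more strings than declared
    return findings

if __name__ == "__main__":
    for kind, prefix in lint_rule(SAMPLE_RULE):
        print(f"{kind}: ${prefix}*")
```

Run against the constructed sample it reports the `$c*` set as unused and the `$s*` set as thresholded twice; with the condition changed to `5 of ($c*) or 6 of ($s*)` it reports nothing.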