diff --git a/malware/APT_Danti_svcmondr.yar b/malware/APT_Danti_svcmondr.yar
index 68053f4..d04e131 100644
--- a/malware/APT_Danti_svcmondr.yar
+++ b/malware/APT_Danti_svcmondr.yar
@@ -13,7 +13,7 @@
 /* Rule Set ----------------------------------------------------------------- */
-rule Mal_Dropper_httpEXE_from_CAB {
+rule Mal_Dropper_httpEXE_from_CAB : Dropper {
 meta:
 description = "Detects a dropper from a CAB file mentioned in the article"
 author = "Florian Roth"
@@ -28,7 +28,7 @@ rule Mal_Dropper_httpEXE_from_CAB {
 ( uint16(0) == 0x5a4d and filesize < 1000KB and ( all of ($s*) ) )
 }
-rule Mal_http_EXE {
+rule Mal_http_EXE : Trojan {
 meta:
 description = "Detects trojan from APT report named http.exe"
 author = "Florian Roth"
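Review bot: The new tags `Dropper` on `Mal_Dropper_httpEXE_from_CAB` and `Trojan` on `Mal_http_EXE` (second hunk) are capitalised free-form labels, and YARA tags are case-sensitive, so any scan that filters with `-t`/`--tag` or post-processes tag names must match this exact spelling. The diff does not show whether the rule set has an agreed tag vocabulary; if it does not, I would add a short header comment such as `/* Tags in use: Dropper, Trojan (case-sensitive, relied on for tag filtering) */` so later rules do not drift to `dropper` or `TROJAN` and silently fall out of filtered scans. Both rule bodies continue outside the hunks.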