diff --git a/data/yara/CAPE/Clop.yar b/data/yara/CAPE/Clop.yar
new file mode 100644
index 000000000..19e770833
--- /dev/null
+++ b/data/yara/CAPE/Clop.yar
@@ -0,0 +1,11 @@
+rule Clop
+{
+ meta:
+ author = "kevoreilly"
+ cape_type = "Clop Payload"
+ strings:
+ $string1 = "%s%s.Cl0p" wide
+ $string2 = "%s\\Cl0pReadMe.txt" wide
+ condition:
+ uint16(0) == 0x5A4D and all of them
+}
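Review bot: The meta block of the new rule carries only `author` and `cape_type`, so a reader cannot tell what the two strings represent without already knowing the family; add a line such as `description = "Clop ransomware payload: appended-extension and ransom-note filename format strings"` under `cape_type`. Both `$string1` and `$string2` are declared `wide` only, so a build that stores these format strings as narrow ASCII would not match; if the Unicode-only match is deliberate, a short comment saying so would stop a later maintainer from "fixing" it, and otherwise `wide ascii` widens coverage at little false-positive cost since `all of them` is still required. The `uint16(0) == 0x5A4D` check only confirms an MZ header, so the rule presumably relies on CAPE scanning unpacked memory dumps rather than on-disk samples; noting that expectation in meta would help anyone reusing the rule elsewhere.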