diff --git a/nursery/log-keystrokes-via-input-method-manager.yml b/nursery/log-keystrokes-via-input-method-manager.yml
new file mode 100644
index 00000000..0a266d23
--- /dev/null
+++ b/nursery/log-keystrokes-via-input-method-manager.yml
@@ -0,0 +1,16 @@
+# generated using capa explorer for IDA Pro
+rule:
+ meta:
+ name: log keystrokes via Input Method Manager
+ namespace: collection/keylog
+ authors:
+ - "@mr-tz"
+ scope: function
+ features:
+ - and:
+ - or:
+ - api: ImmGetCompositionString
+ - api: ImmGetVirtualKey
+ - optional:
+ - api: ImmGetContext
+ - api: ImmReleaseContext
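Review bot: The `or` branch under `features` fires on a single call to `ImmGetCompositionString` or `ImmGetVirtualKey`, and both sit on the normal IME message-handling path of benign software (editors, games, chat clients), so a hit on its own is weak evidence of keylogging. The `meta` block gives an analyst nothing to weigh that with: it has no `description`, no `att&ck` mapping and no `examples`. I would add `att&ck:` with `- Collection::Input Capture::Keylogging [T1056.001]` and a short `description` stating that a match indicates IME composition-string access and needs corroboration, such as the same sample persisting or transmitting the captured text. The two `optional` APIs do not affect matching, so any tightening has to come from the `and` branch; whether that is worth the misses at function scope is a judgement call while the rule stays in nursery.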