signature-base
Simplify xor usage in rules
This PR simplifies the usage of the xor-modifier.
Instead of searching for all xor variants, using the xor(min-max)
syntax should increase performance and make the rules more readable.
Especially SUSP_XORed_MSDOS_Stub_Message is expected to match on more files now, since files containing the stub text in both xored and non-xored variants will hit now, too.
Thanks for the Pull Request, but I cannot merge it. The xor keyword is relatively young and the value modifier is even younger. It isn't even supported by plyara, a Python module that parses YARA rules into Python objects. Merging this request would break a lot of things. I am sorry.
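The matching difference the PR description points to, shown as an added Python illustration that is not part of the pull request or of signature-base: it emulates YARA's single-byte `xor` string modifier over constructed buffers. The "older style" rule form (a bare `xor` string plus a `not` on the plaintext string), the key 0x5A and all function names are assumptions, since the rule text itself is not shown on this page.

```python
# Emulation of YARA's single-byte xor string modifier (illustration only).
STUB = b"This program cannot be run in DOS mode"

def xor_bytes(data: bytes, key: int) -> bytes:
    return bytes(b ^ key for b in data)

def xor_hits(data: bytes, pattern: bytes, kmin: int = 0x00, kmax: int = 0xFF):
    """Sorted (offset, key) pairs where pattern XORed with a key in
    [kmin, kmax] occurs in data. A bare `xor` in YARA is the full range
    0x00-0xff, so key 0x00 (the plaintext) is included."""
    hits = []
    for key in range(kmin, kmax + 1):
        needle = xor_bytes(pattern, key)
        pos = data.find(needle)
        while pos != -1:
            hits.append((pos, key))
            pos = data.find(needle, pos + 1)
    return sorted(hits)

def rule_bare_xor_not_plain(data: bytes) -> bool:
    # Assumed older style: `$s = "..." xor` with condition `$s and not $plain`.
    # The `not $plain` is needed because key 0x00 matches every normal PE file.
    return bool(xor_hits(data, STUB)) and STUB not in data

def rule_xor_range(data: bytes) -> bool:
    # Style described in the PR: `$s = "..." xor(0x01-0xff)`, condition `$s`.
    # Key 0x00 is excluded by the range, so no plaintext exclusion is needed.
    return bool(xor_hits(data, STUB, 0x01, 0xFF))

# Constructed sample buffers (not real files).
PLAIN_ONLY = b"MZ" + b"\x00" * 62 + STUB
XORED_ONLY = b"\x90" * 16 + xor_bytes(STUB, 0x5A)
BOTH = PLAIN_ONLY + b"\x00" * 32 + xor_bytes(STUB, 0x5A)

def verdicts():
    """Map sample name -> (older-style verdict, xor-range verdict)."""
    samples = {"plain_only": PLAIN_ONLY, "xored_only": XORED_ONLY, "both": BOTH}
    return {name: (rule_bare_xor_not_plain(buf), rule_xor_range(buf))
            for name, buf in samples.items()}

if __name__ == "__main__":
    for name, (old, new) in verdicts().items():
        print(f"{name:11s} bare-xor+not-plain={old!s:5s} xor(0x01-0xff)={new}")
```

The `both` buffer is the case the description calls out: a clean stub followed by an encoded copy is skipped by the plaintext exclusion but matched by the ranged modifier.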