From 0960fca14ee711f0f7e3369970643532afdf4ec5 Mon Sep 17 00:00:00 2001
From: Matt Graeber <60448025+mgraeber-rc@users.noreply.github.com>
Date: Tue, 27 Jul 2021 09:47:29 -0400
Subject: [PATCH] Update T1059.001.yaml

Removing extra space in line 379
---
 atomics/T1059.001/T1059.001.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/atomics/T1059.001/T1059.001.yaml b/atomics/T1059.001/T1059.001.yaml
index 096bfbf9..4ab3d989 100644
--- a/atomics/T1059.001/T1059.001.yaml
+++ b/atomics/T1059.001/T1059.001.yaml
@@ -376,7 +376,7 @@ atomic_tests:
     command: 'Out-ATHPowerShellCommandLineParameter -CommandLineSwitchType #{command_line_switch_type} -EncodedCommandParamVariation #{encoded_command_param_variation} -UseEncodedArguments -EncodedArgumentsParamVariation #{encoded_arguments_param_variation} -Execute -ErrorAction Stop'
     name: powershell
 
- - name: PowerShell Command Execution
+- name: PowerShell Command Execution
   auto_generated_guid: a538de64-1c74-46ed-aa60-b995ed302598
   description: |
     Use of obfuscated PowerShell to execute an arbitrary command; outputs "Hello, from PowerShell!". Example is from the 2021 Threat Detection Report by Red Canary.