Update proc_creation_win_lolbins_by_office_applications.yml

Adding msidb.exe references are below.
https://www.elastic.co/security-labs/exploring-the-ref2731-intrusion-set
https://twitter.com/andythevariable/status/1576953781581144064?s=20&t=QiJILvK4ZiBdR8RJe24u-A

rules/windows/process_creation/proc_creation_win_lolbins_by_office_applications.yml

@@ -6,7 +6,9 @@ references:
     - https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
     - https://github.com/vadim-hunter/Detection-Ideas-Rules/blob/02bcbfc2bfb8b4da601bb30de0344ae453aa1afe/Threat%20Intelligence/The%20DFIR%20Report/20210329_Sodinokibi_(aka_REvil)_Ransomware.yaml
     - https://github.com/splunk/security_content/blob/develop/detections/endpoint/office_spawning_control.yml
-author: 'Vadim Khrykov (ThreatIntel), Cyb3rEng (Rule), Michael Haag'
+    - https://twitter.com/andythevariable/status/1576953781581144064?s=20&t=QiJILvK4ZiBdR8RJe24u-A
+    - https://www.elastic.co/security-labs/exploring-the-ref2731-intrusion-set
+author: 'Vadim Khrykov (ThreatIntel), Cyb3rEng (Rule), Michael Haag, Christopher Peacock @securepeacock (Update), SCYTHE @scythe_io (Update)'
 tags:
     - attack.t1204.002
     - attack.t1047
@@ -15,7 +17,7 @@ tags:
     - attack.defense_evasion
 status: experimental
 date: 2021/08/23
-modified: 2022/07/20
+modified: 2022/10/03
 logsource:
     product: windows
     category: process_creation
@@ -30,6 +32,7 @@ detection:
             - '\verclsid.exe'
             - '\msdt.exe'
             - '\control.exe'
+            - '\msidb.exe'
         ParentImage|endswith:
             - '\winword.exe'
             - '\excel.exe'