From 1eaad811b66d9beed129f194d576ea536c4faad5 Mon Sep 17 00:00:00 2001
From: Qasim Qlf <qlfqasim@gmail.com>
Date: Mon, 12 Sep 2022 14:15:48 +0500
Subject: [PATCH] tag added

---
 .../windows/process_creation/proc_creation_win_apt_mercury.yml  | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/rules/windows/process_creation/proc_creation_win_apt_mercury.yml b/rules/windows/process_creation/proc_creation_win_apt_mercury.yml
index 0aeb0543b..0cb982d1b 100644
--- a/rules/windows/process_creation/proc_creation_win_apt_mercury.yml
+++ b/rules/windows/process_creation/proc_creation_win_apt_mercury.yml
@@ -6,10 +6,12 @@ references:
     - https://www.microsoft.com/security/blog/2022/08/25/mercury-leveraging-log4j-2-vulnerabilities-in-unpatched-systems-to-target-israeli-organizations/
 author: Florian Roth
 date: 2022/08/26
+modified: 2022/09/12
 logsource:
     category: process_creation
     product: windows
 tags:
+    - attack.execution
     - attack.t1059.001
     - attack.g0069
 detection: