From 2a76c469e0b4ec8a2b8cd90a75cb5cd75ede5eaa Mon Sep 17 00:00:00 2001 
From: frack113 <62423083+frack113@users.noreply.github.com>
Date: Sat, 11 Sep 2021 13:34:19 +0200
Subject: [PATCH] normalise name
---
...ervicebus.yml => dns_query_hybridconnectionmgr_servicebus.yml} | 0
.../windows/dns_query/{dns_mega_nz.yml => dns_query_mega_nz.yml} | 0
...ble_dns_rebinding.yml => dns_query_possible_dns_rebinding.yml} | 0
...{sysmon_susp_driver_load.yml => driver_load_susp_temp_use.yml} | 0
...vuln_dell_driver_load.yml => driver_load_vuln_dell_driver.yml} | 0
...sysmon_windivert_driver_load.yml => driver_load_windivert.yml} | 0
...mal_octopus_scanner.yml => file_event_mal_octopus_scanner.yml} | 0
..._mockingbird.yml => process_creation_mal_blue_mockingbird.yml} | 0
..._darkside.yml => process_creation_mal_darkside_ransomware.yml} | 0
...kergoga.yml => process_creation_mal_lockergoga_ransomware.yml} | 0
.../malware/{win_mal_ryuk.yml => process_creation_mal_ryuk.yml} | 0
.../{mal_azorult_reg.yml => registry_event_mal_azorult.yml} | 0
.../{win_mal_flowcloud.yml => registry_event_mal_flowcloud.yml} | 0
.../malware/{win_mal_ursnif.yml => registry_event_mal_ursnif.yml} | 0
14 files changed, 0 insertions(+), 0 deletions(-)
rename rules/windows/dns_query/{dns_query_dns_hybridconnectionmgr_servicebus.yml => dns_query_hybridconnectionmgr_servicebus.yml} (100%)
rename rules/windows/dns_query/{dns_mega_nz.yml => dns_query_mega_nz.yml} (100%)
rename rules/windows/dns_query/{sysmon_possible_dns_rebinding.yml => dns_query_possible_dns_rebinding.yml} (100%)
rename rules/windows/driver_load/{sysmon_susp_driver_load.yml => driver_load_susp_temp_use.yml} (100%)
rename rules/windows/driver_load/{sysmon_vuln_dell_driver_load.yml => driver_load_vuln_dell_driver.yml} (100%)
rename rules/windows/driver_load/{sysmon_windivert_driver_load.yml => driver_load_windivert.yml} (100%)
rename rules/windows/malware/{win_mal_octopus_scanner.yml => file_event_mal_octopus_scanner.yml} (100%)
rename rules/windows/malware/{win_mal_blue_mockingbird.yml => process_creation_mal_blue_mockingbird.yml} (100%)
rename rules/windows/malware/{win_mal_darkside.yml => process_creation_mal_darkside_ransomware.yml} (100%)
rename rules/windows/malware/{win_mal_lockergoga.yml => process_creation_mal_lockergoga_ransomware.yml} (100%)
rename rules/windows/malware/{win_mal_ryuk.yml => process_creation_mal_ryuk.yml} (100%)
rename rules/windows/malware/{mal_azorult_reg.yml => registry_event_mal_azorult.yml} (100%)
rename rules/windows/malware/{win_mal_flowcloud.yml => registry_event_mal_flowcloud.yml} (100%)
rename rules/windows/malware/{win_mal_ursnif.yml => registry_event_mal_ursnif.yml} (100%)
diff --git a/rules/windows/dns_query/dns_query_dns_hybridconnectionmgr_servicebus.yml b/rules/windows/dns_query/dns_query_hybridconnectionmgr_servicebus.yml
similarity index 100%
rename from rules/windows/dns_query/dns_query_dns_hybridconnectionmgr_servicebus.yml
rename to rules/windows/dns_query/dns_query_hybridconnectionmgr_servicebus.yml
diff --git a/rules/windows/dns_query/dns_mega_nz.yml b/rules/windows/dns_query/dns_query_mega_nz.yml
similarity index 100%
rename from rules/windows/dns_query/dns_mega_nz.yml
rename to rules/windows/dns_query/dns_query_mega_nz.yml
diff --git a/rules/windows/dns_query/sysmon_possible_dns_rebinding.yml b/rules/windows/dns_query/dns_query_possible_dns_rebinding.yml
similarity index 100%
rename from rules/windows/dns_query/sysmon_possible_dns_rebinding.yml
rename to rules/windows/dns_query/dns_query_possible_dns_rebinding.yml
diff --git a/rules/windows/driver_load/sysmon_susp_driver_load.yml b/rules/windows/driver_load/driver_load_susp_temp_use.yml
similarity index 100%
rename from rules/windows/driver_load/sysmon_susp_driver_load.yml
rename to rules/windows/driver_load/driver_load_susp_temp_use.yml
diff --git a/rules/windows/driver_load/sysmon_vuln_dell_driver_load.yml b/rules/windows/driver_load/driver_load_vuln_dell_driver.yml
similarity index 100%
rename from rules/windows/driver_load/sysmon_vuln_dell_driver_load.yml
rename to rules/windows/driver_load/driver_load_vuln_dell_driver.yml
diff --git a/rules/windows/driver_load/sysmon_windivert_driver_load.yml b/rules/windows/driver_load/driver_load_windivert.yml
similarity index 100%
rename from rules/windows/driver_load/sysmon_windivert_driver_load.yml
rename to rules/windows/driver_load/driver_load_windivert.yml
diff --git a/rules/windows/malware/win_mal_octopus_scanner.yml b/rules/windows/malware/file_event_mal_octopus_scanner.yml
similarity index 100%
rename from rules/windows/malware/win_mal_octopus_scanner.yml
rename to rules/windows/malware/file_event_mal_octopus_scanner.yml
diff --git a/rules/windows/malware/win_mal_blue_mockingbird.yml b/rules/windows/malware/process_creation_mal_blue_mockingbird.yml
similarity index 100%
rename from rules/windows/malware/win_mal_blue_mockingbird.yml
rename to rules/windows/malware/process_creation_mal_blue_mockingbird.yml
diff --git a/rules/windows/malware/win_mal_darkside.yml b/rules/windows/malware/process_creation_mal_darkside_ransomware.yml
similarity index 100%
rename from rules/windows/malware/win_mal_darkside.yml
rename to rules/windows/malware/process_creation_mal_darkside_ransomware.yml
diff --git a/rules/windows/malware/win_mal_lockergoga.yml b/rules/windows/malware/process_creation_mal_lockergoga_ransomware.yml
similarity index 100%
rename from rules/windows/malware/win_mal_lockergoga.yml
rename to rules/windows/malware/process_creation_mal_lockergoga_ransomware.yml
diff --git a/rules/windows/malware/win_mal_ryuk.yml b/rules/windows/malware/process_creation_mal_ryuk.yml
similarity index 100%
rename from rules/windows/malware/win_mal_ryuk.yml
rename to rules/windows/malware/process_creation_mal_ryuk.yml
diff --git a/rules/windows/malware/mal_azorult_reg.yml b/rules/windows/malware/registry_event_mal_azorult.yml
similarity index 100%
rename from rules/windows/malware/mal_azorult_reg.yml
rename to rules/windows/malware/registry_event_mal_azorult.yml
diff --git a/rules/windows/malware/win_mal_flowcloud.yml b/rules/windows/malware/registry_event_mal_flowcloud.yml
similarity index 100%
rename from rules/windows/malware/win_mal_flowcloud.yml
rename to rules/windows/malware/registry_event_mal_flowcloud.yml
diff --git a/rules/windows/malware/win_mal_ursnif.yml b/rules/windows/malware/registry_event_mal_ursnif.yml
similarity index 100%
rename from rules/windows/malware/win_mal_ursnif.yml
rename to rules/windows/malware/registry_event_mal_ursnif.yml