Update proc_creation_win_susp_gpresult.yml

rules/windows/process_creation/proc_creation_win_susp_gpresult.yml

@@ -14,8 +14,7 @@ logsource:
     category: process_creation
 detection:
     selection:
-        Image|endswith:
-            - '\gpresult.exe'
+        Image|endswith: '\gpresult.exe'
         CommandLine|contains:
             - '/z'
             - '/v'
@@ -25,4 +24,4 @@ falsepositives:
 level: medium
 tags:
     - attack.discovery
-    - attack.t1615
+    - attack.t1615