From c7dc9df87e385cc0b78a45fb6d4888e6cf213c24 Mon Sep 17 00:00:00 2001
From: Bar Haim <barha@il.ibm.com>
Date: Sun, 16 Aug 2020 12:39:04 +0300
Subject: [PATCH] Update sysmon_apt_muddywater_dnstunnel.yml

---
 .../process_creation/sysmon_apt_muddywater_dnstunnel.yml        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/process_creation/sysmon_apt_muddywater_dnstunnel.yml b/rules/windows/process_creation/sysmon_apt_muddywater_dnstunnel.yml
index f5b6e57dd..ab6cd5db3 100644
--- a/rules/windows/process_creation/sysmon_apt_muddywater_dnstunnel.yml
+++ b/rules/windows/process_creation/sysmon_apt_muddywater_dnstunnel.yml
@@ -24,5 +24,5 @@ detection:
             - 'DataExchange.dll'
     condition: selection
 falsepositives:
-    - Unkown
+    - Unknown
 level: critical