From 3ba4eeac7bf683d4cb50057cbe0cb9069de87f18 Mon Sep 17 00:00:00 2001
From: Nikita Nazarov <61659062+NikitaStormwind@users.noreply.github.com>
Date: Thu, 8 Oct 2020 17:36:20 +0300
Subject: [PATCH] Update powershell_invoke_obfuscation_via_use_rundll32.yml

---
 .../powershell_invoke_obfuscation_via_use_rundll32.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/powershell/powershell_invoke_obfuscation_via_use_rundll32.yml b/rules/windows/powershell/powershell_invoke_obfuscation_via_use_rundll32.yml
index f3da4a1da..182bffe35 100644
--- a/rules/windows/powershell/powershell_invoke_obfuscation_via_use_rundll32.yml
+++ b/rules/windows/powershell/powershell_invoke_obfuscation_via_use_rundll32.yml
@@ -4,7 +4,7 @@ description: Detects Obfuscated Powershell via use Rundll32 in Scripts
 status: experimental
 author: Nikita Nazarov, oscd.community
 date: 2019/10/08
-references: https://github.com/Neo23x0/sigma/issues/1009
+references: -https://github.com/Neo23x0/sigma/issues/1009
 tags:
 - attack.defense_evasion
 - attack.t1027
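Review bot: The added line `references: -https://github.com/Neo23x0/sigma/issues/1009` still leaves `references` as a single string rather than a list. With the dash on the same line as the key and no space after it, YAML reads the whole value as one plain scalar that now starts with `-`, so the link is no longer a usable URL either. If the intent was to match the list form used by `tags:` just below, the entry needs its own line: `references:` followed by `    - https://github.com/Neo23x0/sigma/issues/1009`. Whitespace on this page may have been lost in extraction, so confirm against the file itself. A rule-lint step that asserts `references` is a sequence would presumably catch this before merge.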