From 4e36ec71751aba9422ea2fb3b3acb9111b599a52 Mon Sep 17 00:00:00 2001
From: Florian Roth <venom14@gmail.com>
Date: Sat, 19 Nov 2022 08:45:58 +0100
Subject: [PATCH] Update
 rules/windows/process_creation/proc_creation_win_susp_process_hacker.yml

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
---
 .../process_creation/proc_creation_win_susp_process_hacker.yml   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rules/windows/process_creation/proc_creation_win_susp_process_hacker.yml b/rules/windows/process_creation/proc_creation_win_susp_process_hacker.yml
index 9efa4f61d..494e98675 100644
--- a/rules/windows/process_creation/proc_creation_win_susp_process_hacker.yml
+++ b/rules/windows/process_creation/proc_creation_win_susp_process_hacker.yml
@@ -22,6 +22,7 @@ detection:
         - OriginalFileName:
             - 'ProcessHacker.exe'
             - 'Process Hacker'
+            - 'SystemInformer.exe'
         - Description: 
             - 'Process Hacker'
             - 'System Informer'