From 6de42e0996200d8ae87533d7070b8a66bcb68fcc Mon Sep 17 00:00:00 2001
From: frack113 <62423083+frack113@users.noreply.github.com>
Date: Fri, 20 Jan 2023 09:57:09 +0100
Subject: [PATCH] Update proc_creation_win_sqlite_firefox_gecko_profile_data.yml
---
 .../proc_creation_win_sqlite_firefox_gecko_profile_data.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/windows/process_creation/proc_creation_win_sqlite_firefox_gecko_profile_data.yml b/rules/windows/process_creation/proc_creation_win_sqlite_firefox_gecko_profile_data.yml
index 0417af4c0..005adaecc 100644
--- a/rules/windows/process_creation/proc_creation_win_sqlite_firefox_gecko_profile_data.yml
+++ b/rules/windows/process_creation/proc_creation_win_sqlite_firefox_gecko_profile_data.yml
@@ -1,7 +1,7 @@
 title: SQLite Firefox Profile Data DB Access
 id: 4833155a-4053-4c9c-a997-777fcea0baa7
 status: experimental
-description: Detect usage of the "sqlite" binary to query databases in Firefox and other Gecko-based browsers for potential data stealing.
+description: Detect usage of the "sqlite" binary to query databases in Firefox and other Gecko-based browsers for potential data stealing.
 references:
 - https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1539/T1539.md#atomic-test-1---steal-firefox-cookies-windows
 - https://blog.cyble.com/2022/04/21/prynt-stealer-a-new-info-stealer-performing-clipper-and-keylogger-activities/