Update proc_creation_win_uac_bypass_idiagnostic_profile.yml

2022-07-03 20:16:43 +01:00
parent 30baccb49c
commit 6eaafa7b92
1 changed files with 1 additions and 1 deletions
@@ -12,7 +12,7 @@ logsource:
 detection:
    selection:
        ParentImage|endswith: '\DllHost.exe'
-        ParentCommandLine|contains: ' /Processid:{2C21EA7-2EB8-4B55-9249-AC243DA8C666}'
+        ParentCommandLine|contains: ' /Processid:{12C21EA7-2EB8-4B55-9249-AC243DA8C666}'
        IntegrityLevel:
          - 'High'
          - 'System'