From 7ee644eac064814c854cea62f40ed8fbb2af3e3c Mon Sep 17 00:00:00 2001
From: nsaddler
Date: Wed, 28 Oct 2020 19:30:21 +0300
Subject: [PATCH] Update powershell_CL_Invocation_LOLScript_v2.yml
---
 .../powershell/powershell_CL_Invocation_LOLScript_v2.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/rules/windows/powershell/powershell_CL_Invocation_LOLScript_v2.yml b/rules/windows/powershell/powershell_CL_Invocation_LOLScript_v2.yml
index f85370f51..f22022cf9 100644
--- a/rules/windows/powershell/powershell_CL_Invocation_LOLScript_v2.yml
+++ b/rules/windows/powershell/powershell_CL_Invocation_LOLScript_v2.yml
@@ -1,5 +1,5 @@
-title: Execution via CL_Invocation.ps1
-id: 4cd29327-685a-460e-9dac-c3ab96e549dc
+title: Execution via CL_Invocation.ps1 (2 Lines)
+id: f588e69b-0750-46bb-8f87-0e9320d57536
 description: Detects Execution via SyncInvoke in CL_Invocation.ps1 module
 status: experimental
 author: oscd.community, Natalia Shornikova
@@ -23,4 +23,4 @@ detection:
 # PS > Import-Module c:\Windows\diagnostics\system\Audio\CL_Invocation.ps1
 # PS > SyncInvoke c:\Evil.exe
 falsepositives: Unknown
-level: high
\ No newline at end of file
+level: high
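Review bot: The replacement `id` in the first hunk carries no link back to `4cd29327-685a-460e-9dac-c3ab96e549dc`, so anything keyed on the old id (tuning entries, suppressions, alert history) silently loses its association with this rule. If that id still belongs to the sibling CL_Invocation rule, which the `_v2` filename suggests but the hunk does not show, a `related:` entry with `- id: 4cd29327-685a-460e-9dac-c3ab96e549dc` and `type: derived` placed below the `id` line would record the relationship. Lines 6-22 of the rule are outside the hunk, so confirm such an entry is not already present. The `description` also stays word-for-word unchanged while the title gains "(2 Lines)"; one sentence on what the two-line variant matches differently would let an analyst triaging a hit tell the two rules apart.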