From 7f9fd3ea63f93f79da5dc40a5fc3a86229a67c79 Mon Sep 17 00:00:00 2001
From: Florian Roth <venom14@gmail.com>
Date: Tue, 1 Feb 2022 16:01:27 +0100
Subject: [PATCH] Update sysmon_process_hollowing.yml

---
 rules/windows/sysmon/sysmon_process_hollowing.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/sysmon/sysmon_process_hollowing.yml b/rules/windows/sysmon/sysmon_process_hollowing.yml
index 3f5fbf9b1..0a25fa467 100644
--- a/rules/windows/sysmon/sysmon_process_hollowing.yml
+++ b/rules/windows/sysmon/sysmon_process_hollowing.yml
@@ -20,7 +20,7 @@ detection:
     filters:
         Image|endswith:
             - '\chrome.exe'
-            - '\opeara.exe'
+            - '\opera.exe'
             - '\firefox.exe'
             - '\MicrosoftEdge.exe'
     condition: selection and not filters