From 813afd4f4c17bb1e64474607d350b331dfd4bedc Mon Sep 17 00:00:00 2001
From: Jonhnathan <jonhnathancesar@gmail.com>
Date: Fri, 20 Nov 2020 00:52:54 -0300
Subject: [PATCH] Remove additional backslash

---
 .../windows/network_connection/sysmon_win_binary_github_com.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/network_connection/sysmon_win_binary_github_com.yml b/rules/windows/network_connection/sysmon_win_binary_github_com.yml
index 6e76f63df..a63c8b1e0 100755
--- a/rules/windows/network_connection/sysmon_win_binary_github_com.yml
+++ b/rules/windows/network_connection/sysmon_win_binary_github_com.yml
@@ -24,7 +24,7 @@ detection:
         DestinationHostname|endswith:
             - '.github.com'
             - '.githubusercontent.com'
-        Image|startswith: 'C:\Windows\\'
+        Image|startswith: 'C:\Windows\'
     condition: selection
 falsepositives:
     - 'Unknown'