From 844d55c78127c4fc2ac1eb217dcfecb4b9faee06 Mon Sep 17 00:00:00 2001
From: root <sechost@yandex.ru>
Date: Sat, 26 Oct 2019 08:18:37 +0200
Subject: [PATCH] add win_susp_bginfo.yml

---
 rules/windows/process_creation/win_susp_bginfo.yml   | 1 -
 rules/windows/process_creation/win_susp_msoffice.yml | 1 -
 2 files changed, 2 deletions(-)

diff --git a/rules/windows/process_creation/win_susp_bginfo.yml b/rules/windows/process_creation/win_susp_bginfo.yml
index 8fb1b0591..e18d5955d 100644
--- a/rules/windows/process_creation/win_susp_bginfo.yml
+++ b/rules/windows/process_creation/win_susp_bginfo.yml
@@ -8,7 +8,6 @@ author: Beyu Denis
 date: 2019/10/26
 tags:
     - attack.persistence
-    - attack.T1218
 level: medium
 logsource:
     category: process_creation
diff --git a/rules/windows/process_creation/win_susp_msoffice.yml b/rules/windows/process_creation/win_susp_msoffice.yml
index 2e5388f09..50be710ab 100644
--- a/rules/windows/process_creation/win_susp_msoffice.yml
+++ b/rules/windows/process_creation/win_susp_msoffice.yml
@@ -9,7 +9,6 @@ author: Beyu Denis
 date: 2019/10/26
 tags:
     - attack.persistence
-    - attack.T1105
 level: medium
 logsource:
     category: process_creation