From a0aff0f680d236ef038bcd140030de7b63dffb91 Mon Sep 17 00:00:00 2001
From: pH-T <28906717+pH-T@users.noreply.github.com>
Date: Wed, 1 Jun 2022 13:06:17 +0200
Subject: [PATCH] Update proc_creation_win_susp_base64_load.yml

---
 .../process_creation/proc_creation_win_susp_base64_load.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/windows/process_creation/proc_creation_win_susp_base64_load.yml b/rules/windows/process_creation/proc_creation_win_susp_base64_load.yml
index 1f247fb4a..9fea4eaa7 100644
--- a/rules/windows/process_creation/proc_creation_win_susp_base64_load.yml
+++ b/rules/windows/process_creation/proc_creation_win_susp_base64_load.yml
@@ -2,7 +2,7 @@ title: Suspicious Encoded Obfuscated LOAD String
 id: 9c0295ce-d60d-40bd-bd74-84673b7592b1
 status: test
 description: Detects suspicious base64 encoded and obbfuscated LOAD string often used for reflection.assembly load
-author: "pH-T"
+author: pH-T
 related:
 - id: 62b7ccc9-23b4-471e-aa15-6da3663c4d59
 type: similar
@@ -51,4 +51,4 @@ fields:
 - CommandLine
 falsepositives:
 - Unlikely
-level: high
\ No newline at end of file
+level: high