fix tags on apt29 tor rule

2019-03-13 09:25:28 +00:00
parent 5dc229b590
commit aee0d1dd67
1 changed files with 2 additions and 2 deletions
@@ -5,9 +5,9 @@ description: 'This method detects malicious services mentioned in APT29 report b
 references:
    - https://www.fireeye.com/blog/threat-research/2017/03/apt29_domain_frontin.html
 tags:
-    - attack.command_and_control
+    - attack.persistence
    - attack.g0016
-    - attack.t1172
+    - attack.t1050
 logsource:
    product: windows
    service: system