From b0bc3b66ed011bc2daf28dece65b077bdf991aff Mon Sep 17 00:00:00 2001
From: megan201296 <megansroddie@gmail.com>
Date: Mon, 9 Jul 2018 13:32:16 -0500
Subject: [PATCH] Fixed typo

---
 rules/windows/sysmon/sysmon_susp_certutil_command.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/sysmon/sysmon_susp_certutil_command.yml b/rules/windows/sysmon/sysmon_susp_certutil_command.yml
index b3ad7415a..d3da2ec2a 100644
--- a/rules/windows/sysmon/sysmon_susp_certutil_command.yml
+++ b/rules/windows/sysmon/sysmon_susp_certutil_command.yml
@@ -1,6 +1,6 @@
 title: Suspicious Certutil Command
 status: experimental
-description: Detetcs a suspicious Microsoft certutil execution with sub commands like 'decode' sub command, which is sometimes used to decode malicious code with the built-in certutil utility
+description: Detects a suspicious Microsoft certutil execution with sub commands like 'decode' sub command, which is sometimes used to decode malicious code with the built-in certutil utility
 author: Florian Roth, juju4
 references:
     - https://twitter.com/JohnLaTwC/status/835149808817991680