From bd0a9e2baeb40363d93231b15f1908f54f44cc8c Mon Sep 17 00:00:00 2001
From: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
Date: Fri, 5 May 2023 12:34:29 +0200
Subject: [PATCH] fix: missing modifier

---
 .../powershell_script/posh_ps_resolve_list_of_ip_from_file.yml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/powershell/powershell_script/posh_ps_resolve_list_of_ip_from_file.yml b/rules/windows/powershell/powershell_script/posh_ps_resolve_list_of_ip_from_file.yml
index 8bc141375..9fd4f5339 100644
--- a/rules/windows/powershell/powershell_script/posh_ps_resolve_list_of_ip_from_file.yml
+++ b/rules/windows/powershell/powershell_script/posh_ps_resolve_list_of_ip_from_file.yml
@@ -16,7 +16,7 @@ logsource:
     definition: bade5735-5ab0-4aa7-a642-a11be0e40872
 detection:
     selection:
-        ScriptBlockText|contains:
+        ScriptBlockText|contains|all:
             - 'Get-content '
             - 'foreach'
             - '[System.Net.Dns]::GetHostEntry'