From cf65b61397718fd9215d39e8a9ceca09dca068c2 Mon Sep 17 00:00:00 2001
From: Florian Roth <venom14@gmail.com>
Date: Mon, 20 Dec 2021 12:51:27 +0100
Subject: [PATCH] Update file_event_mimimaktz_memssp_log_file.yml

---
 .../file_event/file_event_mimimaktz_memssp_log_file.yml     | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/rules/windows/file_event/file_event_mimimaktz_memssp_log_file.yml b/rules/windows/file_event/file_event_mimimaktz_memssp_log_file.yml
index 2beeb62f7..526903249 100644
--- a/rules/windows/file_event/file_event_mimimaktz_memssp_log_file.yml
+++ b/rules/windows/file_event/file_event_mimimaktz_memssp_log_file.yml
@@ -1,4 +1,4 @@
-title: Mimikatz MemSSP default log file creation
+title: Mimikatz MemSSP Default Log File Creation
 id: 034affe8-6170-11ec-844f-0f78aa0c4d66
 status: experimental
 description: Detects Mimikatz MemSSP default log file creation
@@ -18,5 +18,5 @@ detection:
          - 'mimilsa.log'
    condition: mimikatz_memssp_filename
 falsepositives:
-   - Unknown
-level: high
+   - Unlikely
+level: critical