From d33f70668af66f5d64cfb45b779cbe8a2077b6f0 Mon Sep 17 00:00:00 2001
From: Gude5 <76428540+Gude5@users.noreply.github.com>
Date: Mon, 10 Oct 2022 17:01:59 +0200
Subject: [PATCH] Update
 rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
---
 .../file_change_win_unusual_modification_by_dns_exe.yml         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml b/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml
index 67bfe529e..dbc9b5282 100644
--- a/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml
+++ b/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml
@@ -3,7 +3,7 @@ id: 9f383dc0-fdeb-4d56-acbc-9f9f4f8f20f3
 status: experimental
 author: Tim Rauch
 date: 2022/09/27
-description: Detects an unexpected file being modified by dns.exe which my indicate activity related to remote code execution or other forms of exploitation
+description: Detects an unexpected file being modified by dns.exe which my indicate activity related to remote code execution or other forms of exploitation as seen in CVE-2020-1350 (SigRed)
 references:
     - https://www.elastic.co/guide/en/security/current/unusual-file-modification-by-dns.exe.html
 tags: