From dc9f4fbb4920555344c07e53bb123f0dedadc2fd Mon Sep 17 00:00:00 2001
From: Wagga <6437862+wagga40@users.noreply.github.com>
Date: Mon, 29 Aug 2022 07:28:07 +0200
Subject: [PATCH] Update image_load_defender_load_dll_from_nondefault_path.yml
---
 .../image_load_defender_load_dll_from_nondefault_path.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rules/windows/image_load/image_load_defender_load_dll_from_nondefault_path.yml b/rules/windows/image_load/image_load_defender_load_dll_from_nondefault_path.yml
index 5d25feb6c..874355424 100644
--- a/rules/windows/image_load/image_load_defender_load_dll_from_nondefault_path.yml
+++ b/rules/windows/image_load/image_load_defender_load_dll_from_nondefault_path.yml
@@ -1,7 +1,7 @@
 title: Microsoft Defender Loading DLL from Nondefault Path
 id: 418dc89a-9808-4b87-b1d7-e5ae0cb6effc
 status: experimental
-description: Detects loading of Microsoft Defender's DLLs by its processes (MpCmdRun and NisSrv) from the non-default directory which may be an attempt to sideload arbitary DLL
+description: Detects loading of Microsoft Defender's DLLs by its processes (MpCmdRun and NisSrv) from the non-default directory which may be an attempt to sideload arbitrary DLL
 author: Bhabesh Raj
 date: 2022/08/02
 modified: 2022/08/17
@@ -27,4 +27,4 @@ detection:
 condition: selection and not filter
 falsepositives:
 - Very unlikely
-level: high
\ No newline at end of file
+level: high