diff --git a/rules/windows/process_creation/proc_creation_win_hktl_sharp_ldap_monitor.yml b/rules/windows/process_creation/proc_creation_win_hktl_sharp_ldap_monitor.yml
index a3338f75a..c7eba3897 100644
--- a/rules/windows/process_creation/proc_creation_win_hktl_sharp_ldap_monitor.yml
+++ b/rules/windows/process_creation/proc_creation_win_hktl_sharp_ldap_monitor.yml
@@ -6,6 +6,7 @@ references:
 - https://github.com/p0dalirius/LDAPmonitor
 author: Nasreddine Bencherchali (Nextron Systems)
 date: 2022/12/30
+modified: 2023/02/14
 tags:
 - attack.discovery
 logsource:
diff --git a/rules/windows/process_creation/proc_creation_win_netsh_fw_enable_group_rule.yml b/rules/windows/process_creation/proc_creation_win_netsh_fw_enable_group_rule.yml
index fd8d15fbc..ea754893b 100644
--- a/rules/windows/process_creation/proc_creation_win_netsh_fw_enable_group_rule.yml
+++ b/rules/windows/process_creation/proc_creation_win_netsh_fw_enable_group_rule.yml
@@ -7,7 +7,7 @@ references:
 - https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/netsh-advfirewall-firewall-control-firewall-behavior
 author: frack113
 date: 2022/01/09
-modified: 2023/01/31
+modified: 2023/02/14
 tags:
 - attack.defense_evasion
 - attack.t1562.004
diff --git a/rules/windows/process_creation/proc_creation_win_netsh_fw_rules_discovery.yml b/rules/windows/process_creation/proc_creation_win_netsh_fw_rules_discovery.yml
index f5a5094b9..b31de7b8d 100644
--- a/rules/windows/process_creation/proc_creation_win_netsh_fw_rules_discovery.yml
+++ b/rules/windows/process_creation/proc_creation_win_netsh_fw_rules_discovery.yml
@@ -7,7 +7,7 @@ references:
 - https://ss64.com/nt/netsh.html
 author: frack113, Christopher Peacock '@securepeacock', SCYTHE '@scythe_io'
 date: 2021/12/07
-modified: 2022/04/11
+modified: 2023/02/14
 tags:
 - attack.discovery
 - attack.t1016
diff --git a/rules/windows/process_creation/proc_creation_win_netsh_helper_dll_persistence.yml b/rules/windows/process_creation/proc_creation_win_netsh_helper_dll_persistence.yml
index d49f75ff1..5f36dc2c8 100644
--- a/rules/windows/process_creation/proc_creation_win_netsh_helper_dll_persistence.yml
+++ b/rules/windows/process_creation/proc_creation_win_netsh_helper_dll_persistence.yml
@@ -7,7 +7,7 @@ references:
 - https://attack.mitre.org/software/S0108/
 author: Victor Sergeev, oscd.community
 date: 2019/10/25
-modified: 2021/11/27
+modified: 2023/02/14
 tags:
 - attack.privilege_escalation
 - attack.persistence
diff --git a/rules/windows/process_creation/proc_creation_win_pua_cleanwipe.yml b/rules/windows/process_creation/proc_creation_win_pua_cleanwipe.yml
index f5cc4182f..fba27cc49 100644
--- a/rules/windows/process_creation/proc_creation_win_pua_cleanwipe.yml
+++ b/rules/windows/process_creation/proc_creation_win_pua_cleanwipe.yml
@@ -4,9 +4,9 @@ status: experimental
 description: Detects the use of CleanWipe a tool usually used to delete Symantec antivirus.
 references:
 - https://github.com/3CORESec/MAL-CL/tree/master/Descriptors/Other/CleanWipe
-author: Nasreddine Bencherchali @nas_bench
+author: Nasreddine Bencherchali (Nextron Systems)
 date: 2021/12/18
-modified: 2022/09/02
+modified: 2023/02/14
 tags:
 - attack.defense_evasion
 - attack.t1562.001
diff --git a/rules/windows/process_creation/proc_creation_win_uac_bypass_eventvwr.yml b/rules/windows/process_creation/proc_creation_win_uac_bypass_eventvwr.yml
index db3e9e021..7ca3ee2ad 100644
--- a/rules/windows/process_creation/proc_creation_win_uac_bypass_eventvwr.yml
+++ b/rules/windows/process_creation/proc_creation_win_uac_bypass_eventvwr.yml
@@ -10,7 +10,7 @@ references:
 - https://www.hybrid-analysis.com/sample/e122bc8bf291f15cab182a5d2d27b8db1e7019e4e96bb5cdbd1dfe7446f3f51f?environmentId=100
 author: Florian Roth (Nextron Systems)
 date: 2017/03/19
-modified: 2022/10/09
+modified: 2023/02/14
 tags:
 - attack.defense_evasion
 - attack.privilege_escalation