fix: exclude msiexec from SysWOW64

rules/windows/registry_event/sysmon_asep_reg_keys_modification_winsock2.yml

@@ -11,7 +11,7 @@ references:
     - https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns
     - https://gist.github.com/GlebSukhodolskiy/0fc5fa5f482903064b448890db1eaf9d # a list with registry keys
 date: 2019/10/25
-modified: 2022/01/13
+modified: 2022/02/16
 logsource:
     category: registry_event
     product: windows
@@ -26,6 +26,7 @@ detection:
     filter:
         - Details: '(Empty)'
         - Image: 'C:\Windows\System32\MsiExec.exe'
+        - Image: 'C:\Windows\syswow64\MsiExec.exe'
     condition: winsock_parameters_base and winsock_parameters and not filter
 fields:
     - SecurityID