From b2ca6754eac8b924c69f90e8024a29bbfb0e1971 Mon Sep 17 00:00:00 2001
From: sreehari3 <78466341+sreehari3@users.noreply.github.com>
Date: Thu, 14 Apr 2022 09:09:03 +0530
Subject: [PATCH 1/2] mitre tags: Persistence (T1053) ,(T1053.005) added those MITRE tags
---
 .../proc_creation_win_apt_actinium_persistence.yml | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml b/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml
index 72a1a2001..1327937e7 100644
--- a/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml
+++ b/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml
@@ -23,3 +23,7 @@ fields:
 falsepositives:
 - Unlikely
 level: high
+tags:
+ - attack.persistence
+ - attack.T1053
+ - attack.t1053.005
From 6857301e6c30d339df903379f5f050484e749217 Mon Sep 17 00:00:00 2001
From: frack113 <62423083+frack113@users.noreply.github.com>
Date: Thu, 14 Apr 2022 09:59:45 +0200
Subject: [PATCH 2/2] Update proc_creation_win_apt_actinium_persistence.yml
---
 .../proc_creation_win_apt_actinium_persistence.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml b/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml
index 1327937e7..f32610c6b 100644
--- a/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml
+++ b/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml
@@ -25,5 +25,5 @@ falsepositives:
 level: high
 tags:
 - attack.persistence
- attack.T1053
+ - attack.t1053
 - attack.t1053.005
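Review bot: The added `tags:` block in the first hunk lists the parent technique `attack.T1053` together with its sub-technique `attack.t1053.005`, so the same behaviour is tagged twice. Tooling that builds ATT&CK coverage from rule tags may count this rule under both entries; keeping only `- attack.t1053.005` next to `- attack.persistence` avoids that. The block is also appended after `level:`, while the rest of the rule lies outside this hunk, so it is worth checking that the placement matches the field order used by the neighbouring rules. Scheduled Task is listed under more than one tactic in ATT&CK; if the detection (not visible here) keys on task creation in general, a short comment explaining why only persistence is tagged would help whoever maintains the coverage mapping.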