From ef13bea075b991b3d07eb99dd4a71024c97645ca Mon Sep 17 00:00:00 2001
From: Florian Roth
Date: Sat, 27 Nov 2021 10:05:51 +0100
Subject: [PATCH] fix: regular expression in "
---
 rules/windows/process_creation/win_pc_lolbas_diantz_ads.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/windows/process_creation/win_pc_lolbas_diantz_ads.yml b/rules/windows/process_creation/win_pc_lolbas_diantz_ads.yml
index 9fccf9acb..bcd13051a 100644
--- a/rules/windows/process_creation/win_pc_lolbas_diantz_ads.yml
+++ b/rules/windows/process_creation/win_pc_lolbas_diantz_ads.yml
@@ -17,7 +17,7 @@ detection:
 CommandLine|contains|all:
 - diantz.exe
 - .cab
- CommandLine|re: ":[^\\]"
+ CommandLine|re: ':[^\\]'
 condition: lolbas
 falsepositives:
 - Very Possible
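Review bot: The pattern on the new `CommandLine|re` line still matches any colon followed by a character other than a backslash, so a drive path written with a forward slash (for example `C:/temp/out.cab`) or a URL in the command line satisfies it even though no alternate data stream is involved. As far as I know `/` is not a legal character in an NTFS stream name, so excluding it as well should narrow the false positives without losing coverage: `CommandLine|re: ':[^\\/]'`. A comment above the line would also keep the quoting from being changed back later, e.g. `# single quotes: YAML must pass both backslashes through to the regex engine`. The `lolbas` selection begins above the hunk, so any other conditions on it are not visible here.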