From f022b087e0a8cb5cd8b2ee5664739bc4a856489e Mon Sep 17 00:00:00 2001
From: Thomas Patzke
Date: Tue, 15 Mar 2022 23:31:14 +0100
Subject: [PATCH] Fixed date format in rule

---
 .../proc_creation_win_hiding_malware_in_fonts_folder.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/rules/windows/process_creation/proc_creation_win_hiding_malware_in_fonts_folder.yml b/rules/windows/process_creation/proc_creation_win_hiding_malware_in_fonts_folder.yml
index d821325d0..9080a46f3 100644
--- a/rules/windows/process_creation/proc_creation_win_hiding_malware_in_fonts_folder.yml
+++ b/rules/windows/process_creation/proc_creation_win_hiding_malware_in_fonts_folder.yml
@@ -4,7 +4,7 @@ description: Monitors for the hiding possible malicious files in the C:\Windows\
 status: experimental
 references:
 - https://thedfirreport.com/2020/04/20/sqlserver-or-the-miner-in-the-basement/
-date: 2020/21/04
+date: 2020/04/21
 modified: 2022/03/08
 author: Sreeman
 logsource:
@@ -12,13 +12,13 @@ logsource:
 category: process_creation
 detection:
 selection_1:
- CommandLine|contains:
+ CommandLine|contains:
 - 'echo'
 - 'copy'
 - 'type'
 - 'file createnew'
 - 'cacls'
- selection_2:
+ selection_2:
 CommandLine|contains: 'C:\Windows\Fonts\'
 selection_3:
 CommandLine|contains: