[Rule Tuning] Entra ID OAuth Phishing via First-Party Microsoft Application (#5610)

Fixes #5609

rules/integrations/azure/initial_access_entra_id_oauth_phishing_via_first_party_microsoft_application.toml

@@ -2,7 +2,7 @@
 creation_date = "2025/04/23"
 integration = ["azure"]
 maturity = "production"
-updated_date = "2025/12/17"
+updated_date = "2026/01/24"
 
 [rule]
 author = ["Elastic"]
@@ -101,7 +101,6 @@ event.outcome: "success" and
       "27922004-5251-4030-b22d-91ecd9a37ea4" or
       "4813382a-8fa7-425e-ab75-3b753aab3abb" or
       "ab9b8c07-8f02-4f72-87fa-80105867a763" or
-      "d3590ed6-52b3-4102-aeff-aad2292ab01c" or
       "872cd9fa-d31f-45e0-9eab-6e460a02d1f1" or
       "af124e86-4e96-495a-b70a-90f90ab96707" or
       "2d7f3606-b07d-41d1-b9d2-0d0c9296a6e8" or
@@ -114,7 +113,6 @@ event.outcome: "success" and
       "57336123-6e14-4acc-8dcf-287b6088aa28" or
       "57fcbcfa-7cee-4eb1-8b25-12d2030b4ee0" or
       "66375f6b-983f-4c2c-9701-d680650f588f" or
-      "9ba1a5c7-f17a-4de9-a1f1-6178c8d51223" or
       "a40d7d7d-59aa-447e-a655-679a4107e548" or
       "a569458c-7f2b-45cb-bab9-b7dee514d112" or
       "b26aadf8-566f-4478-926f-589f601d9c74" or