From e6817f1b231dbbcc34269027c5e9f714ed0b169d Mon Sep 17 00:00:00 2001
From: phantinuss <79651203+phantinuss@users.noreply.github.com>
Date: Mon, 29 Jan 2024 11:52:54 +0100
Subject: [PATCH] fix: minor

---
 ...creation_win_malware_pikabot_rundll32_uncommon_extension.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules-emerging-threats/2023/Malware/Pikabot/proc_creation_win_malware_pikabot_rundll32_uncommon_extension.yml b/rules-emerging-threats/2023/Malware/Pikabot/proc_creation_win_malware_pikabot_rundll32_uncommon_extension.yml
index e13b6ff2c26..9fe2c92419f 100644
--- a/rules-emerging-threats/2023/Malware/Pikabot/proc_creation_win_malware_pikabot_rundll32_uncommon_extension.yml
+++ b/rules-emerging-threats/2023/Malware/Pikabot/proc_creation_win_malware_pikabot_rundll32_uncommon_extension.yml
@@ -2,7 +2,7 @@ title: Pikabot Fake DLL Extension Execution Via Rundll32.EXE
 id: 1bf0ba65-9a39-42a2-9271-31d31bf2f0bf
 status: experimental
 description: |
-    Detect specific process tree behavior linked to "rundll32" executions, wherein the associated DLL lacks a common ".dll" extension, often signaling potential Pikabot activity.
+    Detects specific process tree behavior linked to "rundll32" executions, wherein the associated DLL lacks a common ".dll" extension, often signaling potential Pikabot activity.
 references:
     - https://github.com/pr0xylife/Pikabot
     - https://tria.ge/231004-tp8k6sch9t/behavioral2