From 0e9176776d957ab10481793caa3e98ec1390822e Mon Sep 17 00:00:00 2001
From: Florian Roth <venom14@gmail.com>
Date: Wed, 5 May 2021 12:11:59 +0200
Subject: [PATCH] refactor: moved rule

---
 .../win_outlook_C2_registry_key.yml                             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename rules/windows/{registry_event_write => registry_event}/win_outlook_C2_registry_key.yml (96%)

diff --git a/rules/windows/registry_event_write/win_outlook_C2_registry_key.yml b/rules/windows/registry_event/win_outlook_C2_registry_key.yml
similarity index 96%
rename from rules/windows/registry_event_write/win_outlook_C2_registry_key.yml
rename to rules/windows/registry_event/win_outlook_C2_registry_key.yml
index e3055016..4d652427 100644
--- a/rules/windows/registry_event_write/win_outlook_C2_registry_key.yml
+++ b/rules/windows/registry_event/win_outlook_C2_registry_key.yml
@@ -13,7 +13,7 @@ tags:
     - attack.t1546
 date: 2021/04/05
 logsource:
-    category: registry_event_write
+    category: registry_event
     product: windows
 detection:
     selection_registry: