From 5012f9515221c2e99d50a98685461b2a7fd524b9 Mon Sep 17 00:00:00 2001
From: Wietze
Date: Sun, 10 Jan 2021 15:49:30 +0000
Subject: [PATCH] Fix Code_Sample field
---
 yml/OSBinaries/Eventvwr.yml | 2 +-
 yml/OSBinaries/Wsreset.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/yml/OSBinaries/Eventvwr.yml b/yml/OSBinaries/Eventvwr.yml
index ead74be..e19150e 100644
--- a/yml/OSBinaries/Eventvwr.yml
+++ b/yml/OSBinaries/Eventvwr.yml
@@ -15,7 +15,7 @@ Commands:
 Full_Path:
 - Path: C:\Windows\System32\eventvwr.exe
 - Path: C:\Windows\SysWOW64\eventvwr.exe
-Code Sample:
+Code_Sample:
 - Code: https://github.com/enigma0x3/Misc-PowerShell-Stuff/blob/master/Invoke-EventVwrBypass.ps1
 Detection:
 - IOC: eventvwr.exe launching child process other than mmc.exe
diff --git a/yml/OSBinaries/Wsreset.yml b/yml/OSBinaries/Wsreset.yml
index 84edaf6..9c00099 100644
--- a/yml/OSBinaries/Wsreset.yml
+++ b/yml/OSBinaries/Wsreset.yml
@@ -14,7 +14,7 @@ Commands:
 OperatingSystem: Windows 10
 Full_Path:
 - Path: C:\Windows\System32\wsreset.exe
-Code Sample:
+Code_Sample:
 - Code:
 Detection:
 - IOC: wsreset.exe launching child process other than mmc.exe
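Review bot: In the Wsreset.yml hunk, the corrected `Code_Sample:` key still holds only the empty item `- Code:`, which YAML parses as a null value, so a consumer that now recognises the key will probably render a blank code-sample entry. If no sample exists, `Code_Sample: []` or dropping the key would state that explicitly; which form is valid depends on the project's schema, which is not visible here. Separately, the context line `- IOC: wsreset.exe launching child process other than mmc.exe` reads as if it was carried over from the Eventvwr entry and is worth confirming against wsreset.exe's actual behaviour, because a detection hint that names the wrong expected child process would mislead defenders tuning alerts from it.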