From 69795dca7e4a5bb2bda5a6109f009325fde1a2a8 Mon Sep 17 00:00:00 2001
From: Oddvar Moe
Date: Fri, 1 Feb 2019 18:38:35 +0100
Subject: [PATCH] Added fixes from https://github.com/sagishahar, typos in wmic and extexport
---
 yml/OSBinaries/Extexport.yml | 2 +-
 yml/OSBinaries/Wmic.yml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/yml/OSBinaries/Extexport.yml b/yml/OSBinaries/Extexport.yml
index 0d4cc0c..424db7f 100644
--- a/yml/OSBinaries/Extexport.yml
+++ b/yml/OSBinaries/Extexport.yml
@@ -14,7 +14,7 @@ Commands:
 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
 Full_Path:
 - Path: C:\Program Files\Internet Explorer\Extexport.exe
- - Path: C:\Program Files\Internet Explorer(x86)\Extexport.exe
+ - Path: C:\Program Files (x86)\Internet Explorer\Extexport.exe
 Code_Sample:
 - Code:
 Detection:
diff --git a/yml/OSBinaries/Wmic.yml b/yml/OSBinaries/Wmic.yml
index 8a50604..9109336 100644
--- a/yml/OSBinaries/Wmic.yml
+++ b/yml/OSBinaries/Wmic.yml
@@ -69,8 +69,8 @@ Commands:
 MitreLink: https://attack.mitre.org/wiki/Technique/T1218
 OperatingSystem: Windows vista, Windows 7, Windows 8, Windows 8.1, Windows 10
 Full_Path:
- - Path: C:\Windows\System32\wmic.exe
- - Path: C:\Windows\SysWOW64\wmic.exe
+ - Path: C:\Windows\System32\wbem\wmic.exe
+ - Path: C:\Windows\SysWOW64\wbem\wmic.exe
 Code_Sample:
 - Code:
 Detection: