Shorten AV string "Mimikatz" to "mikatz" because of "HackTool:Win32/Mikatz"
Microsoft also uses HackTool:Win32/Mikatz, e.g.
1b441fde04d361a6fd7fbd83e969014622453c263107ce2bed87ad0bff7cf13f
update: Antivirus Hacktool Detection - Add the string "mikatz" because of "HackTool:Win32/Mikatz"
update: Antivirus Password Dumper Detection - Add the string "mikatz" because of "HackTool:Win32/Mikatz"
update: Relevant Anti-Virus Signature Keywords In Application Log - Add the string "mikatz" because of "HackTool:Win32/Mikatz"
Example Log Event
Fixed Issues
SigmaHQ Rule Creation Conventions
If your PR adds new rules, please consider following and applying these conventions
Shorten AV string "Mimikatz" to "mikatz" because of "HackTool:Win32/Mikatz"
Microsoft also uses HackTool:Win32/Mikatz, e.g. 1b441fde04d361a6fd7fbd83e969014622453c263107ce2bed87ad0bff7cf13f
update: Antivirus Hacktool Detection - Add the string "mikatz" because of "HackTool:Win32/Mikatz" update: Antivirus Password Dumper Detection - Add the string "mikatz" because of "HackTool:Win32/Mikatz" update: Relevant Anti-Virus Signature Keywords In Application Log - Add the string "mikatz" because of "HackTool:Win32/Mikatz"
Example Log Event
Fixed Issues
SigmaHQ Rule Creation Conventions