From c779fc5424c40a02101a0bda7f5776810da7b8a5 Mon Sep 17 00:00:00 2001
From: frack113 <62423083+frack113@users.noreply.github.com>
Date: Sat, 22 Feb 2025 23:47:24 +0100
Subject: [PATCH] Merge PR #5200 from @frack113 - Fix typo in selection name

chore: fix selection name
---
 ...et_connection_win_domain_google_api_non_browser_access.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/windows/network_connection/net_connection_win_domain_google_api_non_browser_access.yml b/rules/windows/network_connection/net_connection_win_domain_google_api_non_browser_access.yml
index 43339167966..582635c8a8f 100644
--- a/rules/windows/network_connection/net_connection_win_domain_google_api_non_browser_access.yml
+++ b/rules/windows/network_connection/net_connection_win_domain_google_api_non_browser_access.yml
@@ -11,7 +11,7 @@ references:
 - https://www.bleepingcomputer.com/news/security/hackers-abuse-google-command-and-control-red-team-tool-in-attacks/
 author: Gavin Knapp
 date: 2023-05-01
-modified: 2024-07-16
+modified: 2025-02-22
 tags:
 - attack.command-and-control
 - attack.t1102
@@ -70,7 +70,7 @@ detection:
 Image|endswith: '\whale.exe'
 filter_optional_googleupdate:
 Image|endswith: '\GoogleUpdate.exe'
- filter_optional_outlook.exe:
+ filter_optional_outlook_exe:
 Image|endswith: '\outlook.exe'
 filter_main_null:
 Image: null