Fix TargetFilename case

rules/windows/file_event/file_event_script_creation_by_office_using_file_ext.yml

@@ -13,29 +13,30 @@ tags:
     - attack.defense_evasion
 status: experimental
 date: 2021/08/23
+modified: 2021/11/10
 logsource:
-  product: windows
-  category: file_event
+    product: windows
+    category: file_event
 detection:
-  #useful_information: Please add more file extensions to the logic of your choice. 
-  selection1:
-    Image|endswith:
-      - 'winword.exe'
-      - 'excel.exe'
-      - 'powerpnt.exe'
-  selection2:
-    TargetFileName|endswith:
-    - ".exe"
-    - ".dll"
-    - ".ocx"
-    - ".com"
-    - ".ps1"
-    - ".vbs"
-    - ".sys"
-    - ".bat"
-    - ".scr"
-    - ".proj"
-  condition: selection1 and selection2
+    #useful_information: Please add more file extensions to the logic of your choice. 
+    selection1:
+        Image|endswith:
+            - 'winword.exe'
+            - 'excel.exe'
+            - 'powerpnt.exe'
+    selection2:
+        TargetFilename|endswith:
+            - ".exe"
+            - ".dll"
+            - ".ocx"
+            - ".com"
+            - ".ps1"
+            - ".vbs"
+            - ".sys"
+            - ".bat"
+            - ".scr"
+            - ".proj"
+    condition: selection1 and selection2
 falsepositives:
-- Unknown
+    - Unknown
 level: high