From 0e1f27e7074165ecf26335b5455cf0f01cd0a6b5 Mon Sep 17 00:00:00 2001
From: Bart P <bartblaze@gmail.com>
Date: Thu, 28 Dec 2023 13:10:44 +0100
Subject: [PATCH] Add info

---
 rules/generic/AutoIT.yar | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/rules/generic/AutoIT.yar b/rules/generic/AutoIT.yar
index a6e62cc..20d3b74 100644
--- a/rules/generic/AutoIT.yar
+++ b/rules/generic/AutoIT.yar
@@ -6,13 +6,13 @@ rule AutoIT_Compiled
         version = "1.0"
         creation_date = "2020-09-01"
         first_imported = "2021-12-30"
-        last_modified = "2021-12-30"
+        last_modified = "2023-12-28"
         status = "RELEASED"
         sharing = "TLP:WHITE"
         source = "BARTBLAZE"
         author = "@bartblaze"
-        description = "Identifies compiled AutoIT script (as EXE)."
-        category = "MALWARE"
+        description = "Identifies compiled AutoIT script (as EXE). This rule by itself does NOT necessarily mean the detected file is malicious."
+        category = "INFO"
 
     strings:
         $ = "#OnAutoItStartRegister" ascii wide
@@ -36,13 +36,13 @@ rule AutoIT_Script
         version = "1.0"
         creation_date = "2020-09-01"
         first_imported = "2021-12-30"
-        last_modified = "2023-10-29"
+        last_modified = "2023-12-28"
         status = "RELEASED"
         sharing = "TLP:WHITE"
         source = "BARTBLAZE"
         author = "@bartblaze"
-        description = "Identifies AutoIT script."
-        category = "MALWARE"
+        description = "Identifies AutoIT script.  This rule by itself does NOT necessarily mean the detected file is malicious."
+        category = "INFO"
 
     strings:
         $ = "#OnAutoItStartRegister" ascii wide