Merge pull request #183 from nasbench/fix-issues

magicsword-io · Aug 15, 2024 · 6c4a2a3 · 6c4a2a3
2 parents 75d18d2 + 252e731
commit 6c4a2a3
Show file tree

Hide file tree

Showing 171 changed files with 2,393 additions and 2,293 deletions.
diff --git a/drivers/761f2e2b759389a472bd3d94141742b9.bin b/drivers/761f2e2b759389a472bd3d94141742b9.bin
diff --git a/drivers/d2fd132ab7bbc6bbb87a84f026fa0244.bin b/drivers/d2fd132ab7bbc6bbb87a84f026fa0244.bin
diff --git a/yaml/0258df5c-c3c1-4ed5-ba8f-846d91526ffe.yaml b/yaml/0258df5c-c3c1-4ed5-ba8f-846d91526ffe.yaml
@@ -207,7 +207,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - AsrDrv10.sys

diff --git a/yaml/04d377f9-36e0-42a4-8d47-62232163dc68.yaml b/yaml/04d377f9-36e0-42a4-8d47-62232163dc68.yaml
@@ -343,7 +343,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - iomem64.sys

diff --git a/yaml/058fb356-e0ff-4f5e-8293-319feb005db2.yaml b/yaml/058fb356-e0ff-4f5e-8293-319feb005db2.yaml
@@ -42,7 +42,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - bandai.sys

diff --git a/yaml/067589f2-4f29-4dc4-bd50-a2e2ee57b25f.yaml b/yaml/067589f2-4f29-4dc4-bd50-a2e2ee57b25f.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - GameTerSafe.sys

diff --git a/yaml/080ff223-f8e0-49c0-a7b5-e97349cf81a0.yaml b/yaml/080ff223-f8e0-49c0-a7b5-e97349cf81a0.yaml
@@ -169,7 +169,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver'
 - /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver
 Tags:
 - HpPortIox64.sys

diff --git a/yaml/0d0d204b-f6ce-4ce4-8d76-1724a1676c3f.yaml b/yaml/0d0d204b-f6ce-4ce4-8d76-1724a1676c3f.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - Proxy32.sys

diff --git a/yaml/0f21a584-6ace-4242-82cb-9766cea6973a.yaml b/yaml/0f21a584-6ace-4242-82cb-9766cea6973a.yaml
@@ -3003,7 +3003,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'TRUE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - CITMDRV_IA64.sys

diff --git a/yaml/0f59ce3b-20ac-41ba-8010-2abc74827eb8.yaml b/yaml/0f59ce3b-20ac-41ba-8010-2abc74827eb8.yaml
@@ -15979,7 +15979,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver'
 - /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver
 Tags:
 - cpuz.sys

diff --git a/yaml/0f6c3a28-4d04-474b-a098-37383f984686.yaml b/yaml/0f6c3a28-4d04-474b-a098-37383f984686.yaml
@@ -31,7 +31,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - WinIO32.sys

diff --git a/yaml/1068f5cc-65dd-4fd0-b3d8-1d982b37405f.yaml b/yaml/1068f5cc-65dd-4fd0-b3d8-1d982b37405f.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - WinIO32A.sys

diff --git a/yaml/137daca4-0d7b-48aa-8574-f7eb6ad02526.yaml b/yaml/137daca4-0d7b-48aa-8574-f7eb6ad02526.yaml
@@ -181,9 +181,8 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/jbaines-r7/dellicious'
-- ' https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/'
-- /~https://github.com/jbaines-r7/dellicious and https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
+- /~https://github.com/jbaines-r7/dellicious
+- https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
 Tags:
 - speedfan.sys
 Verified: 'TRUE'
diff --git a/yaml/13b2424a-d337-4bc7-ad1d-2049c79906b4.yaml b/yaml/13b2424a-d337-4bc7-ad1d-2049c79906b4.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - d3.sys

diff --git a/yaml/1524a54d-520d-4fa4-a7d5-aaaa066fbfc4.yaml b/yaml/1524a54d-520d-4fa4-a7d5-aaaa066fbfc4.yaml
@@ -595,7 +595,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'TRUE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md'
 - /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md
 Tags:
 - dbk64.sys

diff --git a/yaml/17cf4fac-88f1-467d-9f62-481d33accc5b.yaml b/yaml/17cf4fac-88f1-467d-9f62-481d33accc5b.yaml
@@ -200,7 +200,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - otipcibus.sys

diff --git a/yaml/19003e00-d42d-4cbe-91f3-756451bdd7da.yaml b/yaml/19003e00-d42d-4cbe-91f3-756451bdd7da.yaml
@@ -538,7 +538,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - AsrSetupDrv103.sys

diff --git a/yaml/193df066-c27c-4343-a4eb-ad2ac417a4cc.yaml b/yaml/193df066-c27c-4343-a4eb-ad2ac417a4cc.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - nt5.sys

diff --git a/yaml/19897aed-9be8-4111-a7d8-35618b9d75b3.yaml b/yaml/19897aed-9be8-4111-a7d8-35618b9d75b3.yaml
@@ -154,7 +154,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - smep_capcom.sys

diff --git a/yaml/19d16518-4aee-4983-ba89-dbbe0fa8a3e7.yaml b/yaml/19d16518-4aee-4983-ba89-dbbe0fa8a3e7.yaml
@@ -207,7 +207,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - AsrRapidStartDrv.sys

diff --git a/yaml/1a1cf88a-96d0-46cd-a24d-1535e4a5f6e3.yaml b/yaml/1a1cf88a-96d0-46cd-a24d-1535e4a5f6e3.yaml
@@ -180,7 +180,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'TRUE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - msrhook.sys

diff --git a/yaml/1c7631f0-f92f-4be5-8ba7-3eefb0601d45.yaml b/yaml/1c7631f0-f92f-4be5-8ba7-3eefb0601d45.yaml
@@ -187,7 +187,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver'
 - /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver
 Tags:
 - LHA.sys

diff --git a/yaml/1d2cdef1-de44-4849-80e5-e2fa288df681.yaml b/yaml/1d2cdef1-de44-4849-80e5-e2fa288df681.yaml
@@ -227,5 +227,6 @@ Resources:
 Tags:
 - iqvw64e.sys
 - iQVW64.SYS
+- IQVW32.sys
 - NalDrv.sys
 Verified: 'TRUE'
diff --git a/yaml/1d4f7a3a-786b-4a74-b34f-14d44343de9e.yaml b/yaml/1d4f7a3a-786b-4a74-b34f-14d44343de9e.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - nt4.sys

diff --git a/yaml/204eccdf-99ca-4f2a-a325-8ebe34fd29a1.yaml b/yaml/204eccdf-99ca-4f2a-a325-8ebe34fd29a1.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - bwrs.sys

diff --git a/yaml/205721b7-b83b-414a-b4b5-8bacb4a37777.yaml b/yaml/205721b7-b83b-414a-b4b5-8bacb4a37777.yaml
@@ -468,11 +468,10 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'TRUE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/jbaines-r7/dellicious'
-- ' https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/'
+- /~https://github.com/jbaines-r7/dellicious
+- https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
 - https://securelist.com/shamoon-the-wiper-further-details-part-ii/57784/
 - /~https://github.com/Yara-Rules/rules/blob/master/malware/MALW_Shamoon.yar
-- /~https://github.com/jbaines-r7/dellicious and https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
 Tags:
 - elrawdsk.sys
 Verified: 'TRUE'
diff --git a/yaml/22aa985b-5fdb-4e38-9382-a496220c27ec.yaml b/yaml/22aa985b-5fdb-4e38-9382-a496220c27ec.yaml
@@ -889,7 +889,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver'
 - /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver
 Tags:
 - TmComm.sys

diff --git a/yaml/23f11e19-0776-4dd4-9c9c-7f6b60f8553f.yaml b/yaml/23f11e19-0776-4dd4-9c9c-7f6b60f8553f.yaml
@@ -216,7 +216,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://gist.github.com/k4nfr3/af970e7facb09195e56f2112e1c9549c'
 - https://gist.github.com/k4nfr3/af970e7facb09195e56f2112e1c9549c
 Tags:
 - ATSZIO.sys

diff --git a/yaml/24fb7bab-b8c3-46ea-a370-c84d2f0ff614.yaml b/yaml/24fb7bab-b8c3-46ea-a370-c84d2f0ff614.yaml
@@ -187,7 +187,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - ADV64DRV.sys

diff --git a/yaml/268e87ba-ad44-4f3c-986f-26712cac68da.yaml b/yaml/268e87ba-ad44-4f3c-986f-26712cac68da.yaml
@@ -331,7 +331,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md'
 - /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md
 Tags:
 - Phymemx64.sys

diff --git a/yaml/29cb263b-b0b0-40d5-a97d-5ddf4ba79c1e.yaml b/yaml/29cb263b-b0b0-40d5-a97d-5ddf4ba79c1e.yaml
@@ -29,9 +29,8 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'TRUE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/jbaines-r7/dellicious'
-- ' https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/'
-- /~https://github.com/jbaines-r7/dellicious and https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
+- /~https://github.com/jbaines-r7/dellicious
+- https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
 Tags:
 - goad.sys
 Verified: 'FALSE'
diff --git a/yaml/2aa003cd-5f36-46a6-ae3d-f5afc2c8baa3.yaml b/yaml/2aa003cd-5f36-46a6-ae3d-f5afc2c8baa3.yaml
@@ -1317,7 +1317,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - mhyprot3.sys

diff --git a/yaml/2cc3dd4f-8a1e-4f1f-9871-0a14815949b4.yaml b/yaml/2cc3dd4f-8a1e-4f1f-9871-0a14815949b4.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - 80.sys

diff --git a/yaml/2cfede23-67f4-4af7-830f-c95ba30a43ae.yaml b/yaml/2cfede23-67f4-4af7-830f-c95ba30a43ae.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - WinIo64A.sys

diff --git a/yaml/2e4fedb0-30ed-400d-b4e1-b2b2004c1607.yaml b/yaml/2e4fedb0-30ed-400d-b4e1-b2b2004c1607.yaml
@@ -354,7 +354,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - OpenLibSys.sys

diff --git a/yaml/30d6c39c-1d93-4101-8dd3-322ff0ab7fb3.yaml b/yaml/30d6c39c-1d93-4101-8dd3-322ff0ab7fb3.yaml
@@ -197,7 +197,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - NetFlt.sys

diff --git a/yaml/31797996-6973-402d-a4a0-d01ce51e02c0.yaml b/yaml/31797996-6973-402d-a4a0-d01ce51e02c0.yaml
@@ -207,7 +207,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - AsrIbDrv.sys

diff --git a/yaml/31a962ce-43ef-410f-873a-7ccc8f00332b.yaml b/yaml/31a962ce-43ef-410f-873a-7ccc8f00332b.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - t3.sys

diff --git a/yaml/32ccd436-eb13-4ab3-83d4-3e5471f4e364.yaml b/yaml/32ccd436-eb13-4ab3-83d4-3e5471f4e364.yaml
@@ -246,7 +246,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md'
 - /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md
 Tags:
 - AsrDrv103.sys

diff --git a/yaml/351ff5ca-f07b-4eb6-9300-d5d31514defb.yaml b/yaml/351ff5ca-f07b-4eb6-9300-d5d31514defb.yaml
@@ -5118,9 +5118,8 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/jbaines-r7/dellicious'
-- ' https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/'
-- /~https://github.com/jbaines-r7/dellicious and https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
+- /~https://github.com/jbaines-r7/dellicious
+- https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
 Tags:
 - nscm.sys
 Verified: 'TRUE'
diff --git a/yaml/354a9fcf-acf1-4151-94d2-af88116f605c.yaml b/yaml/354a9fcf-acf1-4151-94d2-af88116f605c.yaml
@@ -42,7 +42,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - piddrv.sys

diff --git a/yaml/39742f99-2180-46d7-8538-56667c935cc3.yaml b/yaml/39742f99-2180-46d7-8538-56667c935cc3.yaml
@@ -515,7 +515,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver'
 - /~https://github.com/elastic/protections-artifacts/search?q=VulnDriver
 Tags:
 - viragt.sys

diff --git a/yaml/3ab0d182-6365-47a7-89f4-34121e889503.yaml b/yaml/3ab0d182-6365-47a7-89f4-34121e889503.yaml
@@ -318,7 +318,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'TRUE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md'
 - /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md
 Tags:
 - HwOs2Ec10x64.sys

diff --git a/yaml/3ac0eda2-a844-4a9d-9cfa-c25a9e05d678.yaml b/yaml/3ac0eda2-a844-4a9d-9cfa-c25a9e05d678.yaml
@@ -202,7 +202,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - Bs_Def.sys

diff --git a/yaml/3bc629e8-7bf8-40c2-965b-87eb155e0065.yaml b/yaml/3bc629e8-7bf8-40c2-965b-87eb155e0065.yaml
@@ -210,7 +210,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md'
 - /~https://github.com/eclypsium/Screwed-Drivers/blob/master/DRIVERS.md
 Tags:
 - mtcBSv64.sys

diff --git a/yaml/3f39af20-802a-4909-a5de-7f6fe7aab350.yaml b/yaml/3f39af20-802a-4909-a5de-7f6fe7aab350.yaml
@@ -207,7 +207,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'TRUE'
 MitreID: T1068
 Resources:
-- ' /~https://github.com/namazso/physmem_drivers'
 - /~https://github.com/namazso/physmem_drivers
 Tags:
 - AsrOmgDrv.sys

diff --git a/yaml/3fb743b8-d3ed-4873-9c95-e212720dde21.yaml b/yaml/3fb743b8-d3ed-4873-9c95-e212720dde21.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - Lurker.sys

diff --git a/yaml/404f6db5-6be8-44a9-9898-badd56f96721.yaml b/yaml/404f6db5-6be8-44a9-9898-badd56f96721.yaml
@@ -29,7 +29,6 @@ KnownVulnerableSamples:
   LoadsDespiteHVCI: 'FALSE'
 MitreID: T1068
 Resources:
-- ' https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules'
 - https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules
 Tags:
 - c.sys