fix for flaky integration tests (#167) (#181)

Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>

src/main/resources/rules/test_windows/dns_query_win_regsvr32_network_activity.yml

@@ -1,5 +1,5 @@
 title: Regsvr32 Network Activity
-id: 36e037c4-c228-4866-b6a3-48eb292b9955
+id: 36a037c4-c228-4866-b6a3-48eb292b9955
 related:
     - id: c7e91a02-d771-4a6d-a700-42587e0b1095
       type: derived

src/main/resources/rules/test_windows/net_connection_win_regsvr32_network_activity.yml

@@ -1,5 +1,5 @@
 title: Regsvr32 Network Activity
-id: c7e91a02-d771-4a6d-a700-42587e0b1095
+id: c6e91a02-d771-4a6d-a700-42587e0b1095
 description: Detects network connections and DNS queries initiated by Regsvr32.exe
 references:
     - https://pentestlab.blog/2017/05/11/applocker-bypass-regsvr32/

src/main/resources/rules/test_windows/proc_creation_win_susp_regsvr32_no_dll.yml

@@ -1,5 +1,5 @@
 title: Regsvr32 Command Line Without DLL
-id: 50919691-7302-437f-8e10-1fe088afa145
+id: 5a919691-7302-437f-8e10-1fe088afa145
 status: experimental
 description: Detects a regsvr.exe execution that doesn't contain a DLL in the command line
 author: Florian Roth

src/main/resources/rules/test_windows/proc_creation_win_system_exe_anomaly.yml

@@ -1,5 +1,5 @@
 title: System File Execution Location Anomaly
-id: e4a6b256-3e47-40fc-89d2-7a477edd6915
+id: e5a6b256-3e47-40fc-89d2-7a477edd6915
 status: experimental
 description: Detects a Windows program executable started in a suspicious folder
 references:

src/main/resources/rules/test_windows/win_sample_rule.yml

@@ -1,5 +1,5 @@
 title: QuarksPwDump Clearing Access History
-id: 06724a9a-52fc-11ed-bdc3-0242ac120002
+id: 06724b9a-52fc-11ed-bdc3-0242ac120002
 status: experimental
 description: Detects QuarksPwDump clearing access history in hive
 author: Florian Roth