/hub/author/sigmahq/scenarios/proc_creation_win_wmic_namespace_defender