[Rule Tuning] Potential PowerShell HackTool Script by Function Names (#2692)

(cherry picked from commit 1a9b0e7)

Author: w0rk3r

rules/windows/execution_posh_hacktool_functions.toml

@@ -2,7 +2,7 @@
 creation_date = "2023/01/17"
 integration = ["windows"]
 maturity = "production"
-updated_date = "2023/02/22"
+updated_date = "2023/04/05"
 min_stack_comments = "New fields added: required_fields, related_integrations, setup"
 min_stack_version = "8.3.0"
 
@@ -152,7 +152,7 @@ event.category:process and host.os.type:windows and
     "Set-DomainObjectOwner" or "Set-DomainUserPassword" or
     "Set-ServiceBinaryPath" or "Sub-SignedIntAsUnsigned" or
     "Test-AdminAccess" or "Test-MemoryRangeValid" or
-    "Test-ServiceDaclPermission" or"Update-ExeFunctions" or
+    "Test-ServiceDaclPermission" or "Update-ExeFunctions" or
     "Update-MemoryAddresses" or "Update-MemoryProtectionFlags" or
     "Write-BytesToMemory" or "Write-HijackDll" or
     "Write-PortscanOut" or "Write-ServiceBinary" or