Disable Security Events Logging Adding Reg Key MiniNt

Sigma Rules

Summary
This detection rule identifies the malicious addition of a registry key named 'MiniNt' under 'HKLM\SYSTEM\CurrentControlSet\Control\'. The presence of this key is significant because it is associated with the Windows Event Log service being disabled, which stops the logging of security events; threat actors use it as a defense evasion technique so that their activity generates no observable events in the Windows Event Logs. The rule monitors event logs for registry changes and matches any creation of the MiniNt key in that path. A key created in this part of the registry can indicate an attempt to tamper with the logging services that monitoring and detection depend on. When the conditions for the 'MiniNt' registry key are met, the rule raises an alert so that security teams are notified of a potential evasion tactic in use. It is classified as a high-level alert because disabling security event logging can severely hinder incident response.
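The detection described above, run over constructed Sysmon-style registry events, as an added example that is not part of the Sigma rule or this page: it flags only CreateKey records whose target is exactly the MiniNt key under Control, and, as an assumption beyond the rule text, also accepts the ControlSet00N aliases that CurrentControlSet resolves to and the \REGISTRY\MACHINE path form some sensors emit.

```python
import re

# The key the rule watches is HKLM\SYSTEM\CurrentControlSet\Control\MiniNt.
# Assumption for this example: also accept the ControlSet00N aliases and the
# \REGISTRY\MACHINE form of the hive name, which some sensors use instead of HKLM.
_MININT_KEY = re.compile(
    r"^(?:HKLM|HKEY_LOCAL_MACHINE|\\REGISTRY\\MACHINE)\\SYSTEM\\"
    r"(?:CurrentControlSet|ControlSet\d{3})\\Control\\MiniNt$",
    re.IGNORECASE,
)

# Constructed sample records shaped like Sysmon Event ID 12 (registry key created/deleted).
SAMPLE_EVENTS = [
    {"EventType": "CreateKey", "ProcessId": 4120, "Image": r"C:\Windows\System32\reg.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Control\MiniNt"},
    {"EventType": "CreateKey", "ProcessId": 4120, "Image": r"C:\Windows\System32\reg.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Control\MiniNt\Extra"},     # child key, not the target
    {"EventType": "DeleteKey", "ProcessId": 612, "Image": r"C:\Windows\regedit.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Control\MiniNt"},           # deletion, not creation
    {"EventType": "CreateKey", "ProcessId": 988, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Control\Session Manager"},  # unrelated key
    {"EventType": "CreateKey", "ProcessId": 5088, "Image": r"C:\Windows\System32\powershell.exe",
     "TargetObject": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\MiniNt"},  # alias hive form
]


def is_minint_key_creation(event: dict) -> bool:
    """True when the record is a key creation whose target is exactly the MiniNt key."""
    if event.get("EventType") != "CreateKey":
        return False
    return _MININT_KEY.match(event.get("TargetObject", "")) is not None


def find_minint_creations(events: list) -> list:
    """Return one alert record per matching event, in input order."""
    alerts = []
    for event in events:
        if is_minint_key_creation(event):
            alerts.append({
                "rule": "Disable Security Events Logging Adding Reg Key MiniNt",
                "level": "high",
                "process_id": event.get("ProcessId"),
                "image": event.get("Image"),
                "target": event["TargetObject"],
            })
    return alerts


if __name__ == "__main__":
    for alert in find_minint_creations(SAMPLE_EVENTS):
        print(alert)
```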
Categories
  • Endpoint
  • Windows
Data Sources
  • Windows Registry
Created: 2019-10-25