diff --git a/rules/windows/process_creation/proc_creation_win_event_logging_disable_via_key_minint.yml b/rules/windows/process_creation/proc_creation_win_event_logging_disable_via_key_minint.yml
new file mode 100644
index 00000000000..de68050b9db
--- /dev/null
+++ b/rules/windows/process_creation/proc_creation_win_event_logging_disable_via_key_minint.yml
@@ -0,0 +1,49 @@
+title: Security Event Logging Disabled via MiniNt Registry Key - Process
+id: 1a4bd6af-99ac-4466-b5b2-7b72b4a05462
+related:
+ - id: 8839e550-52d7-4958-9f2f-e13c1e736838 # Disable Security Events Logging Adding Reg Key MiniNt - Registry Set
+ type: similar
+status: experimental
+description: |
+ Detects attempts to disable security event logging by adding the `MiniNt` registry key.
+ This key is used to disable the Windows Event Log service, which collects and stores event logs from the operating system and applications.
+ Adversaries may want to disable this service to prevent logging of security events that could be used to detect their activities.
+references:
+ - https://www.hackingarticles.in/defense-evasion-windows-event-logging-t1562-002/
+author: Swachchhanda Shrawan Poudel (Nextron Systems)
+date: 2025-04-09
+tags:
+ - attack.defense-evasion
+ - attack.t1562.002
+ - attack.t1112
+ - car.2022-03-001
+logsource:
+ category: process_creation
+ product: windows
+detection:
+ selection_reg_img:
+ # Example: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MiniNt"
+ - Image|endswith: '\reg.exe'
+ - OriginalFileName: 'reg.exe'
+ selection_reg_cmd:
+ CommandLine|contains|all:
+ - ' add '
+ - '\SYSTEM\CurrentControlSet\Control\MiniNt'
+ selection_powershell_img:
+ - Image|endswith:
+ - '\powershell.exe'
+ - '\pwsh.exe'
+ - '\powershell_ise.exe'
+ - OriginalFileName:
+ - 'PowerShell.EXE'
+ - 'pwsh.dll'
+ selection_powershell_cmd1:
+ CommandLine|contains:
+ - 'New-Item '
+ - 'ni '
+ selection_powershell_cmd2:
+ CommandLine|contains: '\SYSTEM\CurrentControlSet\Control\MiniNt'
+ condition: all of selection_reg_* or all of selection_powershell_*
+falsepositives:
+ - Highly Unlikely
+level: high
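Review bot: The comment on the `related` entry for 8839e550-52d7-4958-9f2f-e13c1e736838 reads `# Disable Security Events Logging Adding Reg Key MiniNt - Registry Set`, but the rule with that id in this same commit is titled `Security Event Logging Disabled via MiniNt Registry Key - Registry Set`, so the comment should be changed to that title to avoid confusing it with the older rule 919f2ef0. That older registry_event rule covers the same key and is also touched in this commit, yet it is not listed under `related`; adding `- id: 919f2ef0-be2d-4a7a-b635-eb2b41fde044` with `type: similar` keeps the three rules discoverable from each other. Both command-line selections pin the path to `\SYSTEM\CurrentControlSet\Control\MiniNt`; a `contains` on the shorter `\Control\MiniNt` would match regardless of which control set name appears in the path while still being anchored by the `' add '` / `New-Item` terms, though whether that broadening is wanted is a judgement call for the rule owner. `falsepositives: Highly Unlikely` deviates from the `Unlikely` wording used across the ruleset and is a style point only.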
diff --git a/rules/windows/registry/registry_event/registry_event_disable_security_events_logging_adding_reg_key_minint.yml b/rules/windows/registry/registry_event/registry_event_disable_security_events_logging_adding_reg_key_minint.yml
index 3c289fed49d..20247e3386d 100755
--- a/rules/windows/registry/registry_event/registry_event_disable_security_events_logging_adding_reg_key_minint.yml
+++ b/rules/windows/registry/registry_event/registry_event_disable_security_events_logging_adding_reg_key_minint.yml
@@ -1,16 +1,18 @@
 title: Disable Security Events Logging Adding Reg Key MiniNt
 id: 919f2ef0-be2d-4a7a-b635-eb2b41fde044
 status: test
-description: Detects the addition of a key 'MiniNt' to the registry. Upon a reboot, Windows Event Log service will stopped write events.
+description: Detects the addition of a key 'MiniNt' to the registry. Upon a reboot, Windows Event Log service will stop writing events.
 references:
 - https://twitter.com/0gtweet/status/1182516740955226112
+ - https://www.hackingarticles.in/defense-evasion-windows-event-logging-t1562-002/
 author: Ilyas Ochkov, oscd.community
 date: 2019-10-25
 modified: 2021-11-27
 tags:
 - attack.defense-evasion
- - attack.t1562.001
+ - attack.t1562.002
 - attack.t1112
+ - car.2022-03-001
 logsource:
 category: registry_event
 product: windows
diff --git a/rules/windows/registry/registry_set/registry_set_create_minint_key.yml b/rules/windows/registry/registry_set/registry_set_create_minint_key.yml
new file mode 100644
index 00000000000..724be0f103f
--- /dev/null
+++ b/rules/windows/registry/registry_set/registry_set_create_minint_key.yml
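Review bot: `modified: 2021-11-27` is left unchanged although this hunk rewrites the description, swaps the technique tag from t1562.001 to t1562.002 and adds a reference and a CAR tag; Sigma convention is to bump the field on every content change, so it should read `modified: 2025-04-09` to match the date of the two new rules in this commit. The new registry_set rule 8839e550-52d7-4958-9f2f-e13c1e736838 detects the same key, but no `related` entry is added here; `related:` with `- id: 8839e550-52d7-4958-9f2f-e13c1e736838` and `type: similar` would link them. The detection and condition of this rule lie below the hunk and are not visible here.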
@@ -0,0 +1,29 @@
+title: Security Event Logging Disabled via MiniNt Registry Key - Registry Set
+id: 8839e550-52d7-4958-9f2f-e13c1e736838
+related:
+ - id: 1a4bd6af-99ac-4466-b5b2-7b72b4a05462 # Security Event Logging Disabled Via MiniNt Registry Key
+ type: similar
+status: experimental
+description: |
+ Detects the addition of the 'MiniNt' key to the registry. Upon a reboot, Windows Event Log service will stop writing events.
+ Windows Event Log is a service that collects and stores event logs from the operating system and applications. It is an important component of Windows security and auditing.
+ Adversary may want to disable this service to disable logging of security events which could be used to detect their activities.
+references:
+ - https://www.hackingarticles.in/defense-evasion-windows-event-logging-t1562-002/
+author: Swachchhanda Shrawan Poudel (Nextron Systems)
+date: 2025-04-09
+tags:
+ - attack.defense-evasion
+ - attack.t1562.002
+ - attack.t1112
+ - car.2022-03-001
+logsource:
+ category: registry_set
+ product: windows
+detection:
+ selection:
+ TargetObject: 'HKLM\System\CurrentControlSet\Control\MiniNt\(Default)'
+ condition: selection
+falsepositives:
+ - Highly Unlikely
+level: high
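Review bot: The description says the rule detects the addition of the `MiniNt` key, but `category: registry_set` maps to value-set events, and the selection requires `\MiniNt\(Default)` in TargetObject; a bare key creation with no value written is reported as a key-create event (`registry_add` / `registry_event` in Sigma terms), so this rule may only fire when the default value is actually set — please confirm against the events the referenced procedure generates, and if key creation alone is the goal, `registry_event` with `TargetObject|endswith: '\Control\MiniNt'` (hedged: depends on the backend's hive-prefix normalisation) is the closer fit. The existing rule 919f2ef0-be2d-4a7a-b635-eb2b41fde044 already covers this key in `registry_event` and is modified in the same commit, yet it is absent from `related`; add `- id: 919f2ef0-be2d-4a7a-b635-eb2b41fde044` with `type: similar`. The `related` comment `# Security Event Logging Disabled Via MiniNt Registry Key` drops the ` - Process` suffix and capitalises `Via` differently from the rule it points to; the comment should quote the title verbatim.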