From 880447898133e5cde70b76e82c4d07feb134fe1e Mon Sep 17 00:00:00 2001
From: Andrew Rathbun <36825567+rathbuna@users.noreply.github.com>
Date: Wed, 8 Sep 2021 08:26:18 -0400
Subject: [PATCH] Update event-4776.md

Change lowercase c to uppercase C in line with other error codes.
---
 windows/security/threat-protection/auditing/event-4776.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/auditing/event-4776.md b/windows/security/threat-protection/auditing/event-4776.md
index 75dc6a4a69..3249451c6f 100644
--- a/windows/security/threat-protection/auditing/event-4776.md
+++ b/windows/security/threat-protection/auditing/event-4776.md
@@ -116,7 +116,7 @@ This event does *not* generate when a domain account logs on locally to a domain
 | 0xC0000193 | Account logon with expired account.                                                                                                                                                                                                                                                       |
 | 0xC0000224 | Account logon with "Change Password at Next Logon" flagged.                                                                                                                                                                                                                               |
 | 0xC0000234 | Account logon with account locked.                                                                                                                                                                                                                                                        |
-| 0xc0000371 | The local account store does not contain secret material for the specified account.                                                                                                                                                                                                       |
+| 0xC0000371 | The local account store does not contain secret material for the specified account.                                                                                                                                                                                                       |
 | 0x0        | No errors.                                                                                                                                                                                                                                                                                |
 
 > Table 1. Winlogon Error Codes.
@@ -150,4 +150,4 @@ For 4776(S, F): The computer attempted to validate the credentials for an accoun
 | **User logon from unauthorized workstation**        | Can indicate a compromised account; especially relevant for highly critical accounts.                                                               |
 | **User logon to account disabled by administrator** | For example, N events in last N minutes can be an indicator of an account compromise attempt, especially relevant for highly critical accounts.     |
 | **User logon with expired account**                 | Can indicate an account compromise attempt; especially relevant for highly critical accounts.                                                       |
-| **User logon with account locked**                  | Can indicate a brute-force password attack; especially relevant for highly critical accounts.                                                       |
\ No newline at end of file
+| **User logon with account locked**                  | Can indicate a brute-force password attack; especially relevant for highly critical accounts.                                                       |