Hi,
It would be great to add AutoIt3 script detection; I saw them many times this quarter.
Attack example:
Detection suggestions:
<!-- Event Code 11, AutoIt3 scripts extensions -->
<TargetFilename condition="end with">.au3</TargetFilename>
<TargetFilename condition="end with">.a3x</TargetFilename>
<!-- Event Code 1 and 3, in my cases fetched via curl.exe LOLBin -->
<Image condition="image">AutoIt3.exe</Image>
<Image condition="image">curl.exe</Image>
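To check what the suggested Sysmon rules would actually flag before merging them, here is an added example (not part of the issue or the config project) that re-implements the two Sysmon conditions used above, `end with` and `image`, as Sysmon documents them (case-insensitive; `image` compares only the file name unless a full path is given) and runs the rules over a few constructed events for Event IDs 1, 3 and 11. The event dictionaries and the `RULES` tuples are assumptions built from the fragments above, not real telemetry.

```python
# Sysmon rule fragments from the suggestion above, as (event_id, field, condition, value).
# Event 1 = ProcessCreate, 3 = NetworkConnect, 11 = FileCreate.
RULES = [
    (11, "TargetFilename", "end with", ".au3"),
    (11, "TargetFilename", "end with", ".a3x"),
    (1, "Image", "image", "AutoIt3.exe"),
    (1, "Image", "image", "curl.exe"),
    (3, "Image", "image", "AutoIt3.exe"),
    (3, "Image", "image", "curl.exe"),
]


def _basename(path):
    # Sysmon paths are Windows paths; tolerate forward slashes in constructed data.
    return path.replace("/", "\\").rsplit("\\", 1)[-1]


def matches(condition, actual, expected):
    """Evaluate one Sysmon condition. Comparisons are case-insensitive, and
    'image' matches either the full path or just the executable name."""
    a, e = actual.lower(), expected.lower()
    if condition == "end with":
        return a.endswith(e)
    if condition == "image":
        return a == e if "\\" in e else _basename(a) == e
    raise ValueError(f"unsupported condition: {condition}")


def evaluate(events):
    """Return (event, rule) pairs that an include-rule set would report.
    Like Sysmon's include semantics, the first matching rule wins per event."""
    hits = []
    for ev in events:
        for rule in RULES:
            event_id, field, cond, value = rule
            if ev["EventID"] == event_id and field in ev and matches(cond, ev[field], value):
                hits.append((ev, rule))
                break
    return hits


# Constructed sample events (not real logs): curl writes a script, AutoIt3 runs and connects.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Windows\System32\curl.exe"},
    {"EventID": 11, "Image": r"C:\Windows\System32\curl.exe", "TargetFilename": r"C:\Users\Public\update.a3x"},
    {"EventID": 1, "Image": r"C:\Users\Public\AutoIt3.exe"},
    {"EventID": 3, "Image": r"C:\Users\Public\AutoIt3.exe", "DestinationPort": 443},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe"},  # benign, must not fire
    {"EventID": 11, "Image": r"C:\Windows\explorer.exe", "TargetFilename": r"C:\Users\Public\readme.AU3"},  # case test
]
```

Note that `image` on `curl.exe` alone will also fire on every legitimate curl.exe use on the host, so in a real config you would likely pair it with a `Rule groupRelation="and"` on the command line or parent image.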