diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index ccdbd4fc..f3f54ae4 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -15885,7 +15885,7 @@ privilege-escalation:
         command: 'sudo defaults write com.apple.loginwindow LoginHook #{script}
 
 '
-        cleanup: 'sudo defaults delete com.apple.loginwindow LoginHook
+        cleanup_command: 'sudo defaults delete com.apple.loginwindow LoginHook
 
 '
         elevation_required: true
@@ -44102,7 +44102,7 @@ persistence:
         command: 'sudo defaults write com.apple.loginwindow LoginHook #{script}
 
 '
-        cleanup: 'sudo defaults delete com.apple.loginwindow LoginHook
+        cleanup_command: 'sudo defaults delete com.apple.loginwindow LoginHook
 
 '
         elevation_required: true
diff --git a/atomics/T1547.007/T1547.007.md b/atomics/T1547.007/T1547.007.md
index bbda29b0..bd406f5c 100644
--- a/atomics/T1547.007/T1547.007.md
+++ b/atomics/T1547.007/T1547.007.md
@@ -72,6 +72,10 @@ Mac Defaults
 sudo defaults write com.apple.loginwindow LoginHook #{script}
 ```
 
+#### Cleanup Commands:
+```sh
+sudo defaults delete com.apple.loginwindow LoginHook
+```