diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 5a5a15e4..36542155 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -84730,7 +84730,7 @@ discovery:
           $file = "rad" + $rad + ".tmp"
 
           whoami.exe /all >> #{output_path}\$file
-        cleanup_command: 'Remove-Item -Path $env:temp\rad*.tmp -Force
+        cleanup_command: 'Remove-Item -Path #{output_path}\rad*.tmp -Force
 
           '
         name: powershell
diff --git a/atomics/Indexes/windows-index.yaml b/atomics/Indexes/windows-index.yaml
index 391a1ab5..fa41d2b7 100644
--- a/atomics/Indexes/windows-index.yaml
+++ b/atomics/Indexes/windows-index.yaml
@@ -73739,7 +73739,7 @@ discovery:
           $file = "rad" + $rad + ".tmp"
 
           whoami.exe /all >> #{output_path}\$file
-        cleanup_command: 'Remove-Item -Path $env:temp\rad*.tmp -Force
+        cleanup_command: 'Remove-Item -Path #{output_path}\rad*.tmp -Force
 
           '
         name: powershell
diff --git a/atomics/T1033/T1033.md b/atomics/T1033/T1033.md
index 0c6b337f..bc8423ab 100644
--- a/atomics/T1033/T1033.md
+++ b/atomics/T1033/T1033.md
@@ -230,7 +230,7 @@ whoami.exe /all >> #{output_path}\$file
 
 #### Cleanup Commands:
 ```powershell
-Remove-Item -Path $env:temp\rad*.tmp -Force
+Remove-Item -Path #{output_path}\rad*.tmp -Force
 ```