diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 0ac8e2c1..deece78c 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -64450,7 +64450,7 @@ persistence:
 foreach($member in $fmm) {
 if($member -like "*Administrator*") {
- $account = $member.Name -replace ".+\\\","" # strip computername\
+ $account = $member.Name.Split("\")[-1] # strip computername\
 $originalDescription = (Get-LocalUser -Name $account).Description
 Set-LocalUser -Name $account -Description "atr:$account;$originalDescription".Substring(0,48) # Keep original name in description
 Rename-LocalUser -Name $account -NewName "HaHa_$x$y$z" # Required due to length limitation
diff --git a/atomics/Indexes/windows-index.yaml b/atomics/Indexes/windows-index.yaml
index 0e227f1b..2fafa525 100644
--- a/atomics/Indexes/windows-index.yaml
+++ b/atomics/Indexes/windows-index.yaml
@@ -56719,7 +56719,7 @@ persistence:
 foreach($member in $fmm) {
 if($member -like "*Administrator*") {
- $account = $member.Name -replace ".+\\\","" # strip computername\
+ $account = $member.Name.Split("\")[-1] # strip computername\
 $originalDescription = (Get-LocalUser -Name $account).Description
 Set-LocalUser -Name $account -Description "atr:$account;$originalDescription".Substring(0,48) # Keep original name in description
 Rename-LocalUser -Name $account -NewName "HaHa_$x$y$z" # Required due to length limitation
diff --git a/atomics/T1098/T1098.md b/atomics/T1098/T1098.md
index 2a4b0457..3dbb2177 100644
--- a/atomics/T1098/T1098.md
+++ b/atomics/T1098/T1098.md
@@ -54,7 +54,7 @@ $fmm = Get-LocalGroupMember -Group Administrators |?{ $_.ObjectClass -match "Use
 foreach($member in $fmm) {
 if($member -like "*Administrator*") {
- $account = $member.Name -replace ".+\\\","" # strip computername\
+ $account = $member.Name.Split("\")[-1] # strip computername\
 $originalDescription = (Get-LocalUser -Name $account).Description
 Set-LocalUser -Name $account -Description "atr:$account;$originalDescription".Substring(0,48) # Keep original name in description
 Rename-LocalUser -Name $account -NewName "HaHa_$x$y$z" # Required due to length limitation
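Review bot: The `Set-LocalUser` context line calls `.Substring(0,48)` on the composed description, and that call throws when `"atr:$account;$originalDescription"` is shorter than 48 characters, for example when the account has an empty description. In that case the description is probably not written while the following `Rename-LocalUser` still runs, so the original name that the comment says is kept in the description would not be recorded; worth confirming on a test host. Bounding the length avoids this: `$desc = "atr:$account;$originalDescription"` followed by `Set-LocalUser -Name $account -Description $desc.Substring(0,[Math]::Min(48,$desc.Length))`. The same line appears in both index hunks, and the loop's closing braces are outside the hunk. If these three files are generated, the change belongs in the test's source definition rather than here.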