diff --git a/atomics/T1031/T1031.md b/atomics/T1031/T1031.md
index 382db6c1..8021659c 100644
--- a/atomics/T1031/T1031.md
+++ b/atomics/T1031/T1031.md
@@ -24,9 +24,12 @@ and will then revert the binPath change, restoring Fax to its original state.
 ```
 sc config Fax binPath= "C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -noexit -c \"write-host 'T1031 Test'\""
 sc start Fax
-sc config Fax binPath= "C:\WINDOWS\system32\fxssvc.exe"
 ```
 
 
+#### Cleanup Commands:
+```
+sc config Fax binPath= "C:\WINDOWS\system32\fxssvc.exe"
+```
 
 <br/>
diff --git a/atomics/index.yaml b/atomics/index.yaml
index 4db6990c..8873d88b 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -2892,7 +2892,7 @@ persistence:
         command: |
           sc config Fax binPath= "C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -noexit -c \"write-host 'T1031 Test'\""
           sc start Fax
-          sc config Fax binPath= "C:\WINDOWS\system32\fxssvc.exe"
+        cleanup_command: sc config Fax binPath= "C:\WINDOWS\system32\fxssvc.exe"
   T1128:
     technique:
       x_mitre_data_sources: