diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 5423cc2f..a99d8565 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -32103,7 +32103,7 @@ defense-evasion:
 - windows
 executor:
 command: 'reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
- /v StartMenuLogOff /t REG_DWORD /d 1 /f
+ /v NoTrayContextMenu /t REG_DWORD /d 1 /f
 '
 cleanup_command: 'reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
diff --git a/atomics/T1112/T1112.md b/atomics/T1112/T1112.md
index 1b235756..7777c1a3 100644
--- a/atomics/T1112/T1112.md
+++ b/atomics/T1112/T1112.md
@@ -908,7 +908,7 @@ See how ransomware abuses this technique- https://www.virustotal.com/gui/file/2d
 ```cmd
-reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v StartMenuLogOff /t REG_DWORD /d 1 /f
+reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoTrayContextMenu /t REG_DWORD /d 1 /f
 ```
 #### Cleanup Commands:
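Review bot: The `cleanup_command` at the end of the index.yaml hunk is cut off after the key path, so the value name it deletes is not visible here and needs checking against the corrected `reg add`. It should read `reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoTrayContextMenu /f`, otherwise the test leaves the policy value set after it runs. If the cleanup already named NoTrayContextMenu before this change, hosts that ran the earlier version still carry a stray `StartMenuLogOff` value that cleanup never removed, which is worth a line in the commit description for lab operators. The same check applies to the "Cleanup Commands" block that follows the T1112.md hunk. Detections validated with the earlier version of this test matched on `StartMenuLogOff`, so they should be re-validated against `NoTrayContextMenu`.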