diff --git a/atomics/T1112/T1112.yaml b/atomics/T1112/T1112.yaml
index 25487998..b64f6baf 100644
--- a/atomics/T1112/T1112.yaml
+++ b/atomics/T1112/T1112.yaml
@@ -179,10 +179,10 @@ atomic_tests:
 - windows
 executor:
 command: |
- reg add "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System" /v "DisableCMD" /t REG_DWORD /d "1" /f
+ New-ItemProperty -Path "HKCU:\Software\Policies\Microsoft\Windows\System" -Name DisableCMD -Value 1
 cleanup_command: |
- reg delete "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System" /v "DisableCMD" /f >nul 2>&1
- name: command_prompt
+ Remove-ItemProperty -Path "HKCU:\Software\Policies\Microsoft\Windows\System" -Name DisableCMD -ErrorAction Ignore
+ name: powershell
 elevation_required: true
 - name: Disable Windows Task Manager application
 auto_generated_guid: af254e70-dd0e-4de6-9afe-a994d9ea8b62
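Review bot: The added `New-ItemProperty` line can fail where the `reg add ... /f` it replaces succeeded, because `New-ItemProperty` does not create a missing key and, without `-Force`, errors when `DisableCMD` already exists; on a profile where `HKCU:\Software\Policies\Microsoft\Windows\System` is absent the test would set nothing and a detection run against it would give a misleading result. I would create the key first and make the value type explicit again: `if (-not (Test-Path "HKCU:\Software\Policies\Microsoft\Windows\System")) { New-Item -Path "HKCU:\Software\Policies\Microsoft\Windows\System" -Force | Out-Null }` followed by `New-ItemProperty -Path "HKCU:\Software\Policies\Microsoft\Windows\System" -Name DisableCMD -PropertyType DWord -Value 1 -Force`. The executor switch also changes the telemetry the test produces (the write now comes from PowerShell rather than a `reg.exe` command line), so rules keyed on `reg.exe` arguments are no longer exercised by this test; the test description, which is outside this hunk, should say so. The cleanup removes the value unconditionally, so a `DisableCMD` value that existed before the run is not restored.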