diff --git a/rules/windows/process_creation/proc_creation_susp_rcedit_execution.yml b/rules/windows/process_creation/proc_creation_susp_rcedit_execution.yml
index 1ad1b4900..c9ca2c50d 100644
--- a/rules/windows/process_creation/proc_creation_susp_rcedit_execution.yml
+++ b/rules/windows/process_creation/proc_creation_susp_rcedit_execution.yml
@@ -25,8 +25,7 @@ detection:
 - Description: 'Edit resources of exe'
 - Product: 'rcedit'
 selection_flags:
- CommandLine|contains:
- - '--set-' # Covers multiple edit commands such as "--set-resource-string" or "--set-version-string"
+ CommandLine|contains: '--set-' # Covers multiple edit commands such as "--set-resource-string" or "--set-version-string"
 selection_attributes:
 CommandLine|contains:
 - 'OriginalFileName'
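Review bot: The explanatory comment now trails the value on the new `CommandLine|contains: '--set-'` line under `selection_flags`, which makes for a very long line and ties the note to a scalar that is easy to overlook when the rule is later extended. I would move it to its own line directly above the key, e.g. `# Covers multiple edit commands such as "--set-resource-string" or "--set-version-string"` followed by `CommandLine|contains: '--set-'`. A one-item list and a scalar should match identically for a `contains` modifier, so no detection change is expected. The `condition` and the rest of `selection_attributes` lie outside the hunk, so how these selections combine cannot be confirmed from here.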