diff --git a/rules/windows/process_creation/proc_creation_win_susp_ftp.yml b/rules/windows/process_creation/proc_creation_win_lolbin_ftp.yml
similarity index 94%
rename from rules/windows/process_creation/proc_creation_win_susp_ftp.yml
rename to rules/windows/process_creation/proc_creation_win_lolbin_ftp.yml
index 249f6a99b..93f7abf93 100644
--- a/rules/windows/process_creation/proc_creation_win_susp_ftp.yml
+++ b/rules/windows/process_creation/proc_creation_win_lolbin_ftp.yml
@@ -1,4 +1,4 @@
-title: Suspicious Execution Of FTP.EXE Binary
+title: LOLBIN Execution Of The FTP.EXE Binary
 id: 06b401f4-107c-4ff9-947f-9ec1e7649f1e
 status: test
 description: Detects execution of ftp.exe script execution with the "-s" flag and any child processes ran by ftp.exe