diff --git a/rules/windows/process_creation/proc_creation_win_7zip_password_extraction.yml b/rules/windows/process_creation/proc_creation_win_7zip_password_extraction.yml
index 54b5f1b10..7927b71fa 100644
--- a/rules/windows/process_creation/proc_creation_win_7zip_password_extraction.yml
+++ b/rules/windows/process_creation/proc_creation_win_7zip_password_extraction.yml
@@ -23,7 +23,7 @@ detection:
 - '7z.exe'
 - '7za.exe'
 selection_password:
- CommandLine|contains:
+ CommandLine|contains|all:
 - ' -p'
 - ' x '
 - ' -o'
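Review bot: With `CommandLine|contains|all` the `selection_password` block now matches only when ` -p`, ` x ` and ` -o` all appear in the same command line, so a password-protected extraction that names no output directory is no longer covered by this rule. If that narrowing is deliberate, to cut the false positives the old any-of match produced, record it next to the list with a comment such as `# all three required: password switch, extract command, explicit output directory`, and check that the rule's description and false-positive notes still describe what it catches. If the output directory is not essential to the behaviour being detected, consider keeping only ` -p` and ` x ` under `|all`. The `condition` and the rule metadata sit outside this hunk; a logic change like this would normally come with an updated `modified` date, which this diff does not appear to touch.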