diff --git a/rules/windows/process_creation/win_net_use_admin_share.yml b/rules/windows/process_creation/win_net_use_admin_share.yml
deleted file mode 100644
index 2493c2fad..000000000
--- a/rules/windows/process_creation/win_net_use_admin_share.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-title: Mounted Windows Admin Shares with net.exe
-id: 3abd6094-7027-475f-9630-8ab9be7b9725
-status: experimental
-description: Detects when an admin share is mounted using net.exe
-references:
- - https://drive.google.com/file/d/1lKya3_mLnR3UQuCoiYruO3qgu052_iS_/view
-author: Teymur Kheirkhabarov '@HeirhabarovT', Zach Stanford '@svch0st'
-date: 2020/10/05
-tags:
- - attack.lateral_movement
- - attack.T1021.002
-logsource:
- category: process_creation
- product: windows
-detection:
- selection:
- Image|endswith:
- - '\net.exe'
- - '\net1.exe'
- CommandLine|contains|all:
- - ' use '
- - '\\\\*\*$*'
- condition: selection
-falsepositives:
- - Administrators
-level: medium