diff --git a/rules/windows/process_creation/proc_creation_win_cmd_delete.yml b/rules/windows/process_creation/proc_creation_win_cmd_delete.yml
index 05c272296..46aab7be0 100644
--- a/rules/windows/process_creation/proc_creation_win_cmd_delete.yml
+++ b/rules/windows/process_creation/proc_creation_win_cmd_delete.yml
@@ -9,7 +9,7 @@ references:
 - https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1070.004/T1070.004.md
 author: frack113
 date: 2022/01/15
-modified: 2022/08/20
+modified: 2023/02/24
 tags:
 - attack.defense_evasion
 - attack.t1070.004
@@ -21,6 +21,9 @@ detection:
 - CommandLine|contains|all:
 - ' del '
 - /f
+ - CommandLine|contains|all:
+ - ' del '
+ - /s
 - CommandLine|contains|all:
 - rmdir
 - /s
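Review bot: The selection added in the second hunk matches the bare substring `/s`, so with `contains|all` it fires on any command line that has ` del ` plus `/s` anywhere, including inside a forward-slash path or a longer switch. The existing `/f` entry is just as loose, but recursive delete is far more common in installers and build or cleanup scripts, so expect more benign hits. Consider anchoring the switch as `- ' /s'`, accepting that this misses switches chained without a space such as `/q/s`, and record the expected benign sources under `falsepositives`. The copied `' del '` token also requires a space on both sides, so `del` directly after a quote or at the very start of the command line is not covered by the new branch either. The condition, any filters and the rule level are outside the hunk, so whether something else already narrows this selection cannot be confirmed from here.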