diff --git a/rules/windows/image_load/image_load_susp_python_image_load.yml b/rules/windows/image_load/image_load_susp_python_image_load.yml
index 65dcf3eb4..7b2947e87 100644
--- a/rules/windows/image_load/image_load_susp_python_image_load.yml
+++ b/rules/windows/image_load/image_load_susp_python_image_load.yml
@@ -25,11 +25,8 @@ detection:
 - 'C:\Program Files (x86)\'
 - 'C:\ProgramData\Anaconda3\' # Comment out if you don't use Anaconda in your environment
 filter_aurora:
-# Example:
-# ImageLoaded: C:\ProgramData\Anaconda3\DLLs\_queue.pyd
-# ImageName: \Device\HarddiskVolume5\ProgramData\Anaconda3\DLLs\_queue.pyd
 Provider_Name: Microsoft-Windows-Kernel-Process
-ImageName|contains: '\ProgramData\Anaconda3\DLLs\'
+Image: null
 condition: selection and not 1 of filter_*
 fields:
 - Description
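Review bot: The new `Image: null` line in filter_aurora drops the `\ProgramData\Anaconda3\DLLs\` path constraint, so every Microsoft-Windows-Kernel-Process event whose Image field is absent is now excluded from the rule regardless of what was loaded or from where, which is a much wider exclusion than the one it replaces. If the intent is to suppress only that provider's events for the Anaconda DLLs, keeping the `ImageName|contains` line next to `Image: null` would preserve the narrower scope; if the telemetry genuinely never carries an Image field, that reason belongs in the rule, since the removed example comments were the only explanation of what this filter matched. Suggested comment above the new line: `# Microsoft-Windows-Kernel-Process image-load events carry no Image field; exclude them here rather than letting the missing path match the selection — confirm no loads this rule targets arrive only via this provider`. The enclosing detection block starts before the hunk, so the selection being filtered is not visible here.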