diff --git a/rules/application/antivirus/av_exploiting.yml b/rules/application/antivirus/av_exploiting.yml
index 8f63f2a3c..018fef2de 100644
--- a/rules/application/antivirus/av_exploiting.yml
+++ b/rules/application/antivirus/av_exploiting.yml
@@ -17,7 +17,7 @@ detection:
       - 'Meterpreter'
       - 'Metasploit'
       - 'PowerSploit'
-      - 'CobaltSrike'
+      - 'CobaltStrike'
       - 'Swrort'
       - 'Rozena'
       - 'Backdoor.Cobalt'