diff --git a/rules/windows/process_creation/proc_creation_win_susp_rundll32_by_ordinal.yml b/rules/windows/process_creation/proc_creation_win_susp_rundll32_by_ordinal.yml
index b25f0ab9f..2fa325dd1 100644
--- a/rules/windows/process_creation/proc_creation_win_susp_rundll32_by_ordinal.yml
+++ b/rules/windows/process_creation/proc_creation_win_susp_rundll32_by_ordinal.yml
@@ -9,7 +9,7 @@ references:
 - https://www.welivesecurity.com/2022/03/01/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine/
 author: Florian Roth
 date: 2019/10/22
-modified: 2022/10/31
+modified: 2022/11/10
 tags:
 - attack.defense_evasion
 - attack.t1218.011
@@ -24,10 +24,6 @@ detection:
 - ', #'
 - '.dll #' # Sysmon removes , in its log
 - '.ocx #' # HermeticWizard
- filter1:
- CommandLine|contains|all:
- - 'EDGEHTML.dll'
- - '#141'
 filter_edge:
 CommandLine|contains|all:
 - 'EDGEHTML.dll'