diff --git a/rules/windows/file_change/file_change_win_2022_timestomping.yml b/rules/windows/file_change/file_change_win_2022_timestomping.yml
index 0a2643eaf..cfdf05658 100644
--- a/rules/windows/file_change/file_change_win_2022_timestomping.yml
+++ b/rules/windows/file_change/file_change_win_2022_timestomping.yml
@@ -8,7 +8,7 @@ references:
 - https://www.inversecos.com/2022/04/defence-evasion-technique-timestomping.html
 author: frack113, Florian Roth
 date: 2022/08/12
-modified: 2022/09/09
+modified: 2022/09/05
 tags:
 - attack.t1070.006
 - attack.defense_evasion
@@ -33,7 +33,7 @@ detection:
 - TargetFilename|endswith:
 - '.tmp'
 - '.temp'
- condition: (( selection1 and not filter1 ) or ( selection2 and not filter2 )) and not 1 of gen_filter*
+ condition: ( selection1 and not filter1 ) or ( selection2 and not filter2 ) and not 1 of gen_filter*
 falsepositives:
 - Changes made to or by the local NTP service
 level: high
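Review bot: Removing the outer parentheses in the new `condition:` line changes what the rule matches, because Sigma's condition grammar binds `and` tighter than `or`: `( selection1 and not filter1 ) or ( selection2 and not filter2 ) and not 1 of gen_filter*` now parses as `A or (B and not 1 of gen_filter*)`, so the `gen_filter*` exclusions (the `.tmp`/`.temp` TargetFilename filter visible just above the changed line) no longer suppress hits on the selection1 path, which will re-introduce the false positives those filters were added for. If the parentheses were dropped as a cleanup, they were not redundant; restore the grouping with `condition: (( selection1 and not filter1 ) or ( selection2 and not filter2 )) and not 1 of gen_filter*`, or write out the intended precedence explicitly if the new behaviour is deliberate. The `modified` date in the first hunk also moves backwards from 2022/09/09 to 2022/09/05; even if this commit is a revert, `modified` should advance to the date of the change, since downstream consumers use it to detect updated rules. The `detection:` block's selection and filter definitions start outside the hunk, so the names referenced by the condition cannot be checked here.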