diff --git a/rules/windows/process_creation/proc_creation_win_uac_bypass_idiagnostic_profile.yml b/rules/windows/process_creation/proc_creation_win_uac_bypass_idiagnostic_profile.yml
index b3f145f94..c44047824 100644
--- a/rules/windows/process_creation/proc_creation_win_uac_bypass_idiagnostic_profile.yml
+++ b/rules/windows/process_creation/proc_creation_win_uac_bypass_idiagnostic_profile.yml
@@ -12,7 +12,7 @@ logsource:
 detection:
 selection:
 ParentImage|endswith: '\DllHost.exe'
- ParentCommandLine|contains: ' /Processid:{2C21EA7-2EB8-4B55-9249-AC243DA8C666}'
+ ParentCommandLine|contains: ' /Processid:{12C21EA7-2EB8-4B55-9249-AC243DA8C666}'
 IntegrityLevel:
 - 'High'
 - 'System'
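Review bot: The CLSID in the new `ParentCommandLine|contains` value is still an unexplained literal, which is probably how the old value went unnoticed with a seven-digit first group that no real `/Processid:{...}` argument could match. A comment above that line would let a reviewer check the GUID against the rule's references, for example `# CLSID of the IDiagnosticProfile COM object; must be a full 8-4-4-4-12 GUID`. The object name there is inferred from the rule's filename, so confirm it first. The hunk starts at line 12, so the rule header is not visible; because the rule could not fire before this fix, the `modified` date should be bumped if the commit does not already do so. The `detection` block may continue past the end of the hunk.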