diff --git a/rules/windows/process_creation/proc_creation_win_apt_pandemic.yml b/rules/windows/process_creation/proc_creation_win_apt_pandemic.yml
deleted file mode 100644
index f13454dc1..000000000
--- a/rules/windows/process_creation/proc_creation_win_apt_pandemic.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-title: Pandemic Registry Key
-id: 9fefd33c-339d-4495-9cba-b96ca006f512
-related:
- - id: 47e0852a-cf81-4494-a8e6-31864f8c86ed
- type: derived
-status: experimental
-description: Detects Pandemic Windows Implant
-references:
- - https://wikileaks.org/vault7/#Pandemic
- - https://twitter.com/MalwareJake/status/870349480356454401
-tags:
- - attack.lateral_movement
- - attack.t1105
-author: Florian Roth
-date: 2017/06/01
-modified: 2021/09/12
-logsource:
- category: process_creation
- product: windows
-detection:
- selection:
- CommandLine|contains: 'loaddll -a '
- condition: selection
-falsepositives:
- - Unknown
-level: critical
-fields:
- - EventID
- - CommandLine
- - ParentCommandLine
- - Image
- - User
- - TargetObject
\ No newline at end of file