diff --git a/rules/windows/process_creation/proc_creation_win_powershell_amsi_bypass.yml b/rules/windows/process_creation/proc_creation_win_powershell_amsi_bypass.yml
index 110404f91..3b7affa43 100644
--- a/rules/windows/process_creation/proc_creation_win_powershell_amsi_bypass.yml
+++ b/rules/windows/process_creation/proc_creation_win_powershell_amsi_bypass.yml
@@ -12,7 +12,7 @@ logsource:
 category: process_creation
 product: windows
 detection:
- selection1:
+ selection:
 CommandLine|contains:
 - 'System.Management.Automation.AmsiUtils'
 - 'amsiInitFailed'
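Review bot: The `condition:` line that consumes this selection is outside the hunk, so the rename from `selection1` to `selection` cannot be checked against it here. The hunk ends three context lines after the change, which suggests nothing directly below was modified. If the condition still reads `condition: selection1`, the rule would reference an undefined identifier and either fail conversion or never fire, dropping coverage for this AMSI-bypass command line. Please confirm the rule ends with `condition: selection` (or a pattern such as `1 of selection*`), and run the rule through the project's validation before merging. The `detection:` block continues past the end of the hunk.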