diff --git a/rules/windows/registry/registry_set/registry_set_timeproviders_dllname.yml b/rules/windows/registry/registry_set/registry_set_timeproviders_dllname.yml index 09ada3d16..721920621 100644 --- a/rules/windows/registry/registry_set/registry_set_timeproviders_dllname.yml +++ b/rules/windows/registry/registry_set/registry_set_timeproviders_dllname.yml @@ -2,9 +2,7 @@ title: Set TimeProviders DllName id: e88a6ddc-74f7-463b-9b26-f69fc0d2ce85 status: experimental description: | - Detects set DLL in DllName in under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProvider - Adversaries may abuse time providers to execute DLLs when the system boots. - The Windows Time service (W32Time) enables time synchronization across and within domains. + Detects processes setting a new DLL in DllName in under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProvider. Adversaries may abuse time providers to execute DLLs when the system boots. The Windows Time service (W32Time) enables time synchronization across and within domains. author: frack113 date: 2022/06/19 references: @@ -26,4 +24,4 @@ level: high tags: - attack.persistence - attack.privilege_escalation - - attack.t1547.003 \ No newline at end of file + - attack.t1547.003
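Review bot: In the description hunk (@@ -2,9 +2,7 @@), the added line carries over the "in DllName in under" wording from the removed text, and it still gives the key as `W32Time\TimeProvider` while the rule title reads "Set TimeProviders DllName". Suggest "Detects processes setting a new DLL in DllName under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders", after checking the key name against the selection in the detection block, which this diff does not show. The change also folds three sentences onto a single line under the `|` block scalar. Keeping one sentence per line, as the removed lines did, would keep the description readable in the YAML and make later diffs smaller.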