diff --git a/rules/windows/builtin/win_susp_mshta_execution.yml b/rules/windows/builtin/win_susp_mshta_execution.yml
index adf95f8cd..cac81fb5b 100644
--- a/rules/windows/builtin/win_susp_mshta_execution.yml
+++ b/rules/windows/builtin/win_susp_mshta_execution.yml
@@ -28,7 +28,7 @@ detection:
 - '.jpg'
 - '.png'
 - '.lnk'
- # - '*.chm*' # could be prone to false positives
+ # - '.chm' # could be prone to false positives
 - '.xls'
 - '.doc'
 - '.zip'
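Review bot: The commented-out `.chm` entry no longer says how it would match once re-enabled: the old `'*.chm*'` form carried that in its own wildcards, while the new form depends on the modifier of the enclosing selection key, which is outside this hunk. I would record that in the comment, for example `# - '.chm'  # disabled: prone to false positives; matches the same way as the other entries in this list`. Because `.chm` stays excluded from this rule, it would also help to note in the comment or in the rule's `falsepositives` section where that case is expected to be covered, if anywhere. The `detection` block starts and ends outside the hunk.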