diff --git a/rules/windows/process_creation/proc_creation_win_sdelete.yml b/rules/windows/process_creation/proc_creation_win_sdelete.yml
index 179b39028..b235477bd 100644
--- a/rules/windows/process_creation/proc_creation_win_sdelete.yml
+++ b/rules/windows/process_creation/proc_creation_win_sdelete.yml
@@ -3,6 +3,7 @@ id: a4824fca-976f-4964-b334-0621379e84c4
 status: experimental
 author: frack113
 date: 2021/06/03
+modified: 2022/08/13
 description: Use of SDelete to erase a file not the free space
 references:
 - https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1485/T1485.md
@@ -20,7 +21,7 @@ detection:
 - ' -h'
 - ' -c'
 - ' -z'
-- ' /?'
+- ' /\?'
 condition: selection and not filter
 fields:
 - ComputerName
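Review bot: The escaped filter value `' /\?'` reads like a typo to anyone unfamiliar with Sigma's wildcard rules, and nothing in the hunk says the backslash is intentional; add a trailing YAML comment such as `- ' /\?'  # '?' is a Sigma single-character wildcard; backslash makes it a literal` so a later cleanup does not revert it to the wildcard form. The same escaping concern extends to the rest of the filter list: if these entries are matched as substrings (`contains`) — the `selection` block and any modifiers begin outside this hunk, so that is not visible here — then `' -h'`, `' -c'` and `' -z'` match anywhere in the command line, and an operator could suppress the alert simply by appending one of those tokens after the target path, which is worth confirming against SDelete's actual argument parsing before relying on the exclusion. It also looks inconsistent that the help switch is listed only with a `/` prefix while the other flags are listed only with `-`; if SDelete accepts either prefix (to be verified), the filter should list both forms for each switch or neither.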