diff --git a/rules/windows/file/file_event/file_event_win_lolbin_gather_network_info_script_output.yml b/rules/windows/file/file_event/file_event_win_lolbin_gather_network_info_script_output.yml index 2cd5638e1..47b770ab5 100644 --- a/rules/windows/file/file_event/file_event_win_lolbin_gather_network_info_script_output.yml +++ b/rules/windows/file/file_event/file_event_win_lolbin_gather_network_info_script_output.yml @@ -3,7 +3,7 @@ id: f92a6f1e-a512-4a15-9735-da09e78d7273 related: - id: 575dce0c-8139-4e30-9295-1ee75969f7fe # ProcCreation LOLBIN type: similar - - id: 07aa184a-870d-413d-893a-157f317f6f58 # ProcCreation Susp + - id: 07aa184a-870d-413d-893a-157f317f6f58 # ProcCreation Susp type: similar status: experimental description: Detects creation of files which are the results of executing the built-in reconnaissance script "C:\Windows\System32\gatherNetworkInfo.vbs". diff --git a/rules/windows/process_creation/proc_creation_win_lolbin_gather_network_info.yml b/rules/windows/process_creation/proc_creation_win_lolbin_gather_network_info.yml index 02f55bf03..478c2e272 100644 --- a/rules/windows/process_creation/proc_creation_win_lolbin_gather_network_info.yml +++ b/rules/windows/process_creation/proc_creation_win_lolbin_gather_network_info.yml @@ -3,7 +3,7 @@ id: 575dce0c-8139-4e30-9295-1ee75969f7fe related: - id: f92a6f1e-a512-4a15-9735-da09e78d7273 # FileCreate type: similar - - id: 07aa184a-870d-413d-893a-157f317f6f58 # ProcCreation Susp + - id: 07aa184a-870d-413d-893a-157f317f6f58 # ProcCreation Susp type: similar status: test description: Detects execution of the built-in script located in "C:\Windows\System32\gatherNetworkInfo.vbs". Which can be used to gather information about the target machine
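Review bot: In the hunk for file_event_win_lolbin_gather_network_info_script_output.yml, the removed and added `- id: 07aa184a-870d-413d-893a-157f317f6f58 # ProcCreation Susp` lines read the same as shown, so the only difference must be whitespace (indentation, spacing before the comment, or trailing spaces). Please state that in the commit message so reviewers do not go looking for a changed rule ID. It is also worth confirming that the entry still lines up with the `- id: 575dce0c-8139-4e30-9295-1ee75969f7fe` item above it, since YAML list items under `related:` must share the same indentation to parse as one list.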
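Review bot: In the hunk for proc_creation_win_lolbin_gather_network_info.yml, the description context line ends with the fragment `Which can be used to gather information about the target machine`, which has no closing period. Since this commit is already a cosmetic cleanup of the file, consider joining it to the previous sentence, for example `... "C:\Windows\System32\gatherNetworkInfo.vbs", which can be used to gather information about the target machine.` As in the other file, the `-`/`+` pair on the `07aa184a-870d-413d-893a-157f317f6f58` entry is textually identical as shown, so the change appears to be whitespace only and should be described that way.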