diff --git a/rules/windows/sysmon/sysmon_cactustorch.yml b/rules/windows/sysmon/sysmon_cactustorch.yml
index 087ba323a..45ab4e3a0 100644
--- a/rules/windows/sysmon/sysmon_cactustorch.yml
+++ b/rules/windows/sysmon/sysmon_cactustorch.yml
@@ -20,7 +20,7 @@ detection:
             - '\System32\mshta.exe'
             - '\winword.exe'
             - '\excel.exe'
-        TargetImage|contains: '\SysWOW64\\'
+        TargetImage|contains: '\SysWOW64\'
         StartModule: null
     condition: selection
 tags: