diff --git a/rules-threat-hunting/windows/process_creation/proc_creation_win_SET-command-abuse.yml b/rules-threat-hunting/windows/process_creation/proc_creation_win_SET-command-abuse.yml
deleted file mode 100644
index 1c1678d99d7..00000000000
--- a/rules-threat-hunting/windows/process_creation/proc_creation_win_SET-command-abuse.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-title: Detect SET (Environment Variable) Command Abuse
-id: 8577730a-980c-4fec-9fb0-3b5f97d29b66
-description: Detects the use of the SET command with the /p flag combined with the >> redirection operator, which can indicate an attempt to create or modify files maliciously.
-references:
- https://news.sophos.com/en-us/2024/08/07/sophos-mdr-hunt-tracks-mimic-ransomware-campaign-against-organizations-in-india/
- https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/set_1
-status: experimental
-author: MahirAli Khan (https://www.linkedin.com/in/mahiralikhan)
-date: 2024/08/14
-logsource:
- category: process_creation
- product: windows
-detection:
- selection:
- Image|endswith:
- - '\cmd.exe'
- - '\powershell.exe'
- - '\powershell_ise.exe'
- CommandLine|contains|all:
- - 'set'
- - '/p'
- - '>>'
- condition: selection
-falsepositives:
- - Legitimate use of the SET command in administrative scripts or user-generated scripts.
- - Development or debugging activities where environment variables are used.
-level: medium
-tags:
- - attack.execution
- - attack.defense_evasion
- - attack.t1072
- - attack.t1047