diff --git a/Hunting Queries/MultipleDataSources/PersistViaIFEORegistryKey.yaml b/Hunting Queries/MultipleDataSources/PersistViaIFEORegistryKey.yaml
index a8d8b2a2b0..e973cac03d 100644
--- a/Hunting Queries/MultipleDataSources/PersistViaIFEORegistryKey.yaml
+++ b/Hunting Queries/MultipleDataSources/PersistViaIFEORegistryKey.yaml
@@ -24,7 +24,7 @@ query: |
 SecurityEvent
 | where EventID == 4657
 | where ObjectName has "Image File Execution Options"
- | summarize Count=count() by Computer, CommandLine, Account, NewValue, OldValue
+ | summarize Count=count() by Computer, Account, NewValue, OldValue
 | top 10 by Count desc
 | extend AccountCustomEntity = Account, HostCustomEntity = Computer
 ),
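Review bot: The new `summarize` line groups only by `Computer, Account, NewValue, OldValue`, so the result no longer shows which image's IFEO key was modified, which value was written, or which process wrote it. With `CommandLine` gone, the row carries no process context at all. The 4657 record exposes `ObjectName`, `ObjectValueName` and `ProcessName`, so the line could read `| summarize Count=count() by Computer, Account, ObjectName, ObjectValueName, ProcessName, NewValue, OldValue`. Separately, `| top 10 by Count desc` keeps the most frequent modifications, while a persistence-related change is more likely to be a one-off, so it may be worth sorting ascending or dropping the cap. The enclosing union branch starts and ends outside this hunk, so other branches may need the same check.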