diff --git a/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalOrHighSeverityDetectionsByUser.yaml b/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalOrHighSeverityDetectionsByUser.yaml
index d978e93795..444ec4b33d 100644
--- a/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalOrHighSeverityDetectionsByUser.yaml
+++ b/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalOrHighSeverityDetectionsByUser.yaml
@@ -44,5 +44,7 @@ entityMappings:
 columnName: IPCustomEntity
 - entityType: FileHash
 fieldMappings:
- - identifier: FullName
+ - identifier: Algorithm
+ columnName: MD5
+ - identifier: Value
 columnName: FileHashCustomEntity
\ No newline at end of file
diff --git a/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalSeverityDetection.yaml b/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalSeverityDetection.yaml
index 883d384cda..5965a94e82 100644
--- a/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalSeverityDetection.yaml
+++ b/Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalSeverityDetection.yaml
@@ -36,5 +36,7 @@ entityMappings:
 columnName: IPCustomEntity
 - entityType: FileHash
 fieldMappings:
- - identifier: FullName
+ - identifier: Algorithm
+ columnName: MD5
+ - identifier: Value
 columnName: FileHashCustomEntity
\ No newline at end of file
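Review bot: `columnName: MD5` under the new `identifier: Algorithm` mapping in CriticalOrHighSeverityDetectionsByUser.yaml reads as a literal algorithm name, not a query output column; `columnName` has to name a column the rule query returns, and every other mapping visible here points at a `*CustomEntity` column. The query is outside the hunk, so unless it already projects a column called `MD5`, the Algorithm identifier will not resolve and the FileHash entity may be left unpopulated on the alert. Consider projecting the algorithm in the query, for example `| extend FileHashAlgo = "MD5"` (column name is a suggestion), and mapping `columnName: FileHashAlgo`. Before doing so, confirm that `FileHashCustomEntity` always carries an MD5 value, because a mislabeled algorithm defeats hash correlation and threat-intel matching during triage. The identical hunk in CriticalSeverityDetection.yaml needs the same change.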