diff --git a/analyzer/windows/data/yara/Lumma.yar b/analyzer/windows/data/yara/Lumma.yar
index e1e54fcf15c..6f5c2073a97 100644
--- a/analyzer/windows/data/yara/Lumma.yar
+++ b/analyzer/windows/data/yara/Lumma.yar
@@ -19,7 +19,7 @@ rule LummaRemap
 cape_options = "ntdll-remap=0"
 packed = "7972cbf2c143cea3f90f4d8a9ed3d39ac13980adfdcf8ff766b574e2bbcef1b4"
 strings:
- $remap = {C6 44 24 20 00 C7 44 24 1C C2 00 00 90 C7 44 24 18 00 00 FF D2 C7 44 24 14 00 BA 00 00 C7 44 24 10 B8 00 00 00 8B 01 89 44 24 11}
+ $remap = {C6 44 24 20 00 C7 44 24 1C C2 00 00 90 C7 44 24 18 00 00 FF D2 C7 44 24 14 00 BA 00 00 C7 44 24 10 B8 00 00 00 8B ?? 89 44 24 11}
 condition:
 uint16(0) == 0x5a4d and any of them
 }
diff --git a/data/yara/CAPE/Lumma.yar b/data/yara/CAPE/Lumma.yar
index 79963d90287..4360dbf693c 100644
--- a/data/yara/CAPE/Lumma.yar
+++ b/data/yara/CAPE/Lumma.yar
@@ -2,13 +2,14 @@ rule Lumma
 {
 meta:
 author = "kevoreilly"
- description = "Lumma config extraction"
+ description = "Lumma Payload"
 cape_type = "Lumma Payload"
 packed = "0ee580f0127b821f4f1e7c032cf76475df9724a9fade2e153a69849f652045f8"
 strings:
 $c2 = {B8 FF FF FF FF 0F 1F 84 00 00 00 00 00 80 7C [2] 00 8D 40 01 75 F6 C7 44 [2] 00 00 00 00 8D}
 $peb = {8B 44 24 04 85 C0 74 13 64 8B 0D 30 00 00 00 50 6A 00 FF 71 18 FF 15}
 $decode = {88 1F 47 0F B6 19 41 84 DB 75 F5 C6 07 00 0F B6 1E 84 DB 74 16 46 66 2E 0F 1F 84 00 00 00 00 00}
+ $remap = {C6 44 24 20 00 C7 44 24 1C C2 00 00 90 C7 44 24 18 00 00 FF D2 C7 44 24 14 00 BA 00 00 C7 44 24 10 B8 00 00 00 8B ?? 89 44 24 11}
 condition:
 uint16(0) == 0x5a4d and any of them
 }
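Review bot: The widening of `8B 01` to `8B ??` in `$remap` is left unexplained, and because this is the only string in LummaRemap and its match is what applies `cape_options = "ntdll-remap=0"`, a broader pattern changes analyzer behaviour for every sample it now hits. A one-line comment on the string recording the reason for the wildcard (presumably a variant that reads through a register other than ECX — confirm against the sample) would let the next person tune it without re-deriving it, e.g. `// 8B ?? : mov eax, [reg] - source register differs between builds, so the ModRM byte is wildcarded`. The same byte sequence is also added to rule Lumma in data/yara/CAPE/Lumma.yar in the second hunk; keeping the two copies in step is manual, so a cross-reference comment in both files (`// mirrored in data/yara/CAPE/Lumma.yar, keep in sync`) is worth adding. The rule header and the rest of LummaRemap's meta lie above this hunk.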
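Review bot: The new `$remap` string enters rule Lumma under `condition: ... any of them`, so the payload rule now fires on the remap stub alone, yet nothing in the hunk records where the pattern came from: `packed` still names only the 0ee580… sample, while the analyzer-side rule in the first hunk attributes the identical bytes to the 7972cbf2… sample. A short provenance comment on the string (`// remap stub, taken from sample 7972cbf2...; shared with analyzer/windows/data/yara/Lumma.yar`) would make the `packed` meta consistent with what the rule actually matches. The description change from "Lumma config extraction" to "Lumma Payload" also makes `description` a duplicate of `cape_type`; if the intent is that this rule now identifies the payload rather than drives config extraction, saying so in the description (or the commit message) would preserve that distinction.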