diff --git a/yara/thor-hacktools.yar b/yara/thor-hacktools.yar
index 600b80c..41c1a22 100644
--- a/yara/thor-hacktools.yar
+++ b/yara/thor-hacktools.yar
@@ -2848,14 +2848,18 @@ rule mimikatz
       $exe_x64_1      = { 33 ff 4? 89 37 4? 8b f3 45 85 c? 74}
       $exe_x64_2      = { 4c 8b df 49 [0-3] c1 e3 04 48 [0-3] 8b cb 4c 03 [0-3] d8 }
 
+/*
       $dll_1         = { c7 0? 00 00 01 00 [4-14] c7 0? 01 00 00 00 }
       $dll_2         = { c7 0? 10 02 00 00 ?? 89 4? }
+*/
 
       $sys_x86      = { a0 00 00 00 24 02 00 00 40 00 00 00 [0-4] b8 00 00 00 6c 02 00 00 40 00 00 00 }
       $sys_x64      = { 88 01 00 00 3c 04 00 00 40 00 00 00 [0-4] e8 02 00 00 f8 02 00 00 40 00 00 00 }
 
    condition:
-      (all of ($exe_x86_*)) or (all of ($exe_x64_*)) or (all of ($dll_*)) or (any of ($sys_*))
+      (all of ($exe_x86_*)) or (all of ($exe_x64_*))
+      // or (all of ($dll_*))
+      or (any of ($sys_*))
 }
 
 rule wce