diff --git a/persistence/startup-folder/write-file-to-startup-folder.yml b/persistence/startup-folder/write-file-to-startup-folder.yml
index 87f9526a..9465a53f 100644
--- a/persistence/startup-folder/write-file-to-startup-folder.yml
+++ b/persistence/startup-folder/write-file-to-startup-folder.yml
@@ -19,13 +19,10 @@ rule:
 - or:
 - match: copy file
 - match: move file
- - match: host-interaction/file-system/write
+ - match: write file on Windows
 - call:
 - and:
- - or:
- - string: /Microsoft\\Windows\\Start Menu\\Programs\\Startup\\/i
- - string: /Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\/i
- - string: /WINNT\\Profiles\\All Users\\Start Menu\\Programs\\Startup\\/i
+ - match: reference startup folder
 - or:
 - match: copy file
 - match: move file
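Review bot: Both added `match:` lines point at rules that are not part of this diff, so this persistence rule's coverage now depends on what `write file on Windows` and `reference startup folder` actually contain. On the first added line, matching a single rule name instead of the `host-interaction/file-system/write` namespace drops every other rule filed under that namespace; if that narrowing is not intended, keep `- match: host-interaction/file-system/write`. Inside the `call:` block, please confirm that `reference startup folder` is defined at a scope that can match there and that it still carries the case-insensitive patterns for the legacy `Documents and Settings\All Users` and `WINNT\Profiles\All Users` paths that the removed regexes covered, otherwise older-path samples would silently stop matching. The enclosing rule starts and ends outside the hunk, so its declared scopes and examples are not visible here.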