diff --git a/cmd/protecodeExecuteScan.go b/cmd/protecodeExecuteScan.go
index f5e72df1b..3bac12958 100644
--- a/cmd/protecodeExecuteScan.go
+++ b/cmd/protecodeExecuteScan.go
@@ -330,11 +330,15 @@ func correctDockerConfigEnvVar(config *protecodeExecuteScanOptions) {
 func getTarName(config *protecodeExecuteScanOptions) string {
 	// remove original version
 	fileName := strings.TrimSuffix(config.ScanImage, ":"+config.ArtifactVersion)
+	// remove sha digest if exists
+	sha256 := "@sha256"
+	if index := strings.Index(fileName, sha256); index > -1 {
+		fileName = fileName[:index]
+	}
 	// append trimmed version
 	if version := handleArtifactVersion(config.ArtifactVersion); len(version) > 0 {
 		fileName = fileName + "_" + version
 	}
-	// replace unwanted chars
 	fileName = strings.ReplaceAll(fileName, "/", "_")
 	return fileName + ".tar"
 }
diff --git a/cmd/protecodeExecuteScan_test.go b/cmd/protecodeExecuteScan_test.go
index 43181791e..6d526c5cc 100644
--- a/cmd/protecodeExecuteScan_test.go
+++ b/cmd/protecodeExecuteScan_test.go
@@ -399,13 +399,22 @@ func TestGetTarName(t *testing.T) {
 			"3.20.20-20200131085038+eeb7c1033339bfd404d21ec5e7dc05c80e9e985e",
 			"abc_3.tar",
 		},
-		"without version ": {
+		"without version": {
 			"abc",
 			"",
 			"abc.tar",
 		},
+		"ScanImage without sha as artifactVersion": {
+			"abc@sha256:12345",
+			"",
+			"abc.tar",
+		},
+		"ScanImage with sha as artifactVersion": {
+			"ppiper/cf-cli@sha256:c25dbacb9ab6e912afe0fe926d8f9d949c60adfe55d16778bde5941e6c37be11",
+			"c25dbacb9ab6e912afe0fe926d8f9d949c60adfe55d16778bde5941e6c37be11",
+			"ppiper_cf-cli_c25dbacb9ab6e912afe0fe926d8f9d949c60adfe55d16778bde5941e6c37be11.tar",
+		},
 	}
-
 	for name, c := range cases {
 		t.Run(name, func(t *testing.T) {
 			assert.Equal(t, c.expect, getTarName(&protecodeExecuteScanOptions{ScanImage: c.image, ArtifactVersion: c.version}))