diff --git a/yml/LOLUtilz/OtherBinaries/Update.yml b/yml/LOLUtilz/OtherBinaries/Update.yml new file mode 100644 index 0000000..6cfa0a3 --- /dev/null +++ b/yml/LOLUtilz/OtherBinaries/Update.yml @@ -0,0 +1,18 @@ +--- +Name: Update.exe +Description: Binary to update the existing installed Nuget/squirrel package. Part of Whatsapp installation. +Author: 'Jesus Galvez' +Created: '2020-11-01' + - Command: Update.exe --processStart payload.exe --process-start-args "whatever args" + Description: Copy your payload into "%localappdata%\Whatsapp\app-[version]\". Then run the command. Update.exe will execute the file you copied. + Usecase: Execute binary + Category: Execute + Privileges: User + MitreID: T1218 + MitreLink: https://attack.mitre.org/techniques/T1218/ + OperatingSystem: Windows 7 and up with Whatsapp installed +Full_Path: + - Path: '%localappdata%\Whatsapp\Update.exe' +Detection: + - IOC: "%localappdata%\Whatsapp\Update.exe" spawned an unknown process +---
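Review bot: the YAML in this hunk will not load as written. The `- Command:` sequence item sits directly under `Created:` with no parent key, so the file is structurally invalid; it needs a `Commands:` key above it, matching the `Full_Path:` and `Detection:` blocks, e.g. `Commands:` followed by the indented `  - Command: Update.exe --processStart payload.exe --process-start-args "whatever args"` item. Second, the Detection IOC is a double-quoted scalar containing `\W` and `\U`, which are not valid YAML escape sequences and will raise a parse error in strict loaders; use single quotes as the `Full_Path` entry already does: `- IOC: '%localappdata%\Whatsapp\Update.exe spawned an unknown process'`. Finally, the trailing `---` starts a second, empty YAML document; drop it so the file ends after the Detection block.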