diff --git a/Windows_Sysmon/MITRE_TECHNIQUES_FROM_SYSMON_EVENT13.xml b/Windows_Sysmon/MITRE_TECHNIQUES_FROM_SYSMON_EVENT13.xml
index 64dbbb6..afce66a 100644
--- a/Windows_Sysmon/MITRE_TECHNIQUES_FROM_SYSMON_EVENT13.xml
+++ b/Windows_Sysmon/MITRE_TECHNIQUES_FROM_SYSMON_EVENT13.xml
@@ -438,5 +438,16 @@
 </mitre>
 <options>no_full_log</options>
 <group>sysmon_event_13,</group>
+</rule>
+  <!-- Sysmon - Event 13: PsExec Detection -->
+<rule id="112141" level="13">
+<if_sid>61615</if_sid>
+<field name="win.eventdata.TargetObject">\\\\PsExec\\\\EulaAccepted$</field>
+<description>Sysmon - Event 13: RegistryEvent PsExec EulaAccepted Detected</description>
+<mitre>
+<id>T1047</id>
+</mitre>
+<options>no_full_log</options>
+<group>sysmon_event_13,</group>
 </rule>
 </group>