diff --git a/datasets/attack_techniques/T1197/bitsadmin-download-file-new/bitsadmin-download-file-new.yml b/datasets/attack_techniques/T1197/bitsadmin-download-file-new/bitsadmin-download-file-new.yml
new file mode 100644
index 00000000..e88fad2a
--- /dev/null
+++ b/datasets/attack_techniques/T1197/bitsadmin-download-file-new/bitsadmin-download-file-new.yml
@@ -0,0 +1,13 @@
+author: PB
+id: 860011fc-435b-47bf-bed3-16c1654c18ea
+date: '2025-11-18'
+description: Attack data for detection BITSAdmin Download File New
+environment: attack_range
+directory: bitsadmin-download-file-new
+mitre_technique:
+- T1197
+datasets:
+- name: data
+ path: datasets/attack_techniques/T1197/bitsadmin-download-file-new/data.log
+ sourcetype: XmlWinEventLog
+ source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
diff --git a/datasets/attack_techniques/T1197/bitsadmin-download-file-new/data.log b/datasets/attack_techniques/T1197/bitsadmin-download-file-new/data.log
new file mode 100644
index 00000000..0edd6fe9
--- /dev/null
+++ b/datasets/attack_techniques/T1197/bitsadmin-download-file-new/data.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4b4de4a252c146972a4d03dcc0e416623222cccdd1cf71b9c6988eced3e23fad
+size 33132
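Review bot: The `description` field in bitsadmin-download-file-new.yml only restates the detection name, so the metadata records nothing about how the BITS activity was produced or what the 33 KB Sysmon log contains. Someone validating a T1197 detection against this dataset cannot tell which event types or command line to expect without pulling the LFS object. I would extend it along the lines of `description: Sysmon events from <SIMULATION_METHOD> performing a bitsadmin file download, for detection BITSAdmin Download File New`. Because data.log is a raw export from attack_range, it is also worth confirming before merge that it carries only lab hostnames and accounts; that cannot be checked from the LFS pointer shown here.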