diff --git a/atomics/T1098/T1098.yaml b/atomics/T1098/T1098.yaml
index 37c597a7..bf3be5d7 100644
--- a/atomics/T1098/T1098.yaml
+++ b/atomics/T1098/T1098.yaml
@@ -515,3 +515,19 @@ atomic_tests:
 name: powershell
 elevation_required: false
+- name: Password Change on Directory Service Restore Mode (DSRM) Account
+
+ description: |
+ Change the password on the Directory Service Restore Mode (DSRM) account using ntdsutil by syncing to existing account
+ supported_platforms:
+ - windows
+ input_arguments:
+ sync_account:
+ description: Account to sync password from
+ type: String
+ default: '%username%'
+ executor:
+ name: command_prompt
+ elevation_required: true
+ command: |
+ ntdsutil "set dsrm password" "sync from domain account #{sync_account}" "q" "q"
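Review bot: The new test has no `cleanup_command`, and its `description` does not say that the change persists: once the `ntdsutil ... "sync from domain account #{sync_account}"` command has run, the DSRM password stays equal to that account's password and the earlier value cannot be restored automatically. I would extend the description with a line such as `Leaves the DSRM password synced to the chosen account; run only on a lab domain controller and reset the DSRM password afterwards. Expected telemetry: Security event 4794.` The test also appears to assume a domain controller with `ntdsutil` present, so a `dependencies` entry whose `prereq_command` checks for that would let it fail cleanly on other hosts. The empty added line between `name:` and `description:` looks unintended.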