diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml index 7ce3b646..4b5c3fb2 100644 --- a/atomics/Indexes/index.yaml +++ b/atomics/Indexes/index.yaml @@ -42995,8 +42995,27 @@ defense-evasion: description: Path of folder to recursively set permissions on type: path default: C:\Users\Public\* + file_path: + description: Path of folder permission back + type: Path + default: "%temp%\\T1222.001-folder-perms-backup.txt" + dependency_executor_name: command_prompt + dependencies: + - description: 'Backup of original folder permissions should exist (for use + in cleanup commands) + +' + prereq_command: 'IF EXIST #{file_path} ( EXIT 0 ) ELSE ( EXIT 1 ) + +' + get_prereq_command: 'icacls #{path} /save #{file_path} /t /q >nul 2>&1 + +' executor: command: icacls "#{path}" /grant Everyone:F /T /C /Q + cleanup_command: 'icacls ''#{path}'' /restore #{file_path} /q >nul 2>&1 + +' name: command_prompt elevation_required: true T1220: diff --git a/atomics/T1222.001/T1222.001.md b/atomics/T1222.001/T1222.001.md index 576c3ad0..def6c2c7 100644 --- a/atomics/T1222.001/T1222.001.md +++ b/atomics/T1222.001/T1222.001.md @@ -224,6 +224,7 @@ You can set your own path variable to "C:\*" if you prefer. | Name | Description | Type | Default Value | |------|-------------|------|---------------| | path | Path of folder to recursively set permissions on | path | C:\Users\Public\*| +| file_path | Path of folder permission back | Path | %temp%\T1222.001-folder-perms-backup.txt| #### Attack Commands: Run with `command_prompt`! Elevation Required (e.g. root or admin) 
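Review bot: The new cleanup_command wraps `#{path}` in single quotes, which cmd.exe does not treat as a quoting character, so icacls receives the literal quote marks and the restore will not target the path that the attack command (double-quoted `"#{path}"`) actually modified; the unquoted `#{path}` and `#{file_path}` in get_prereq_command are inconsistent with the attack line in the same way. I would quote all three lines identically, e.g. `cleanup_command: 'icacls "#{path}" /restore "#{file_path}" /q >nul 2>&1'` and `get_prereq_command: 'icacls "#{path}" /save "#{file_path}" /t /q >nul 2>&1'`. Because both commands discard output with `>nul 2>&1`, a failed or partial `/save` can still leave a file that satisfies the `IF EXIST` prereq check, so the test may run without a usable backup — worth a sentence in the dependency description. Separately, `type: Path` disagrees with the existing `type: path` on the sibling argument, and the description "Path of folder permission back" reads as if "permissions backup" was meant. As I read icacls, `/restore` expects the directory the saved entries are relative to rather than a wildcard such as the default `C:\Users\Public\*`, so the cleanup path is worth verifying against a real run.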
@@ -233,9 +234,25 @@ You can set your own path variable to "C:\*" if you prefer.
 icacls "#{path}" /grant Everyone:F /T /C /Q
 ```
+#### Cleanup Commands:
+```cmd
+icacls '#{path}' /restore #{file_path} /q >nul 2>&1
+```
+#### Dependencies: Run with `command_prompt`!
+##### Description: Backup of original folder permissions should exist (for use in cleanup commands)
+##### Check Prereq Commands:
+```cmd
+IF EXIST #{file_path} ( EXIT 0 ) ELSE ( EXIT 1 )
+```
+##### Get Prereq Commands:
+```cmd
+icacls #{path} /save #{file_path} /t /q >nul 2>&1
+```
+
+