diff --git a/rules/windows/process_creation/win_susp_psr_capture_screenshots.yml b/rules/windows/process_creation/win_susp_psr_capture_screenshots.yml
index cae1a0a4f..aa550b3e2 100644
--- a/rules/windows/process_creation/win_susp_psr_capture_screenshots.yml
+++ b/rules/windows/process_creation/win_susp_psr_capture_screenshots.yml
@@ -5,6 +5,7 @@ description: The psr.exe captures desktop screenshots and saves them on the loca
 references:
     - https://github.com/LOLBAS-Project/LOLBAS/blob/master/yml/LOLUtilz/OSBinaries/Psr.yml
     - https://www.sans.org/summit-archives/file/summit-archive-1493861893.pdf
+    - https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1113/T1113.md
 author: Beyu Denis, oscd.community
 date: 2019/10/12
 modified: 2020/08/28