diff --git a/datasets/attack_techniques/T1112/remote_access_reg/remote_access_reg.log b/datasets/attack_techniques/T1112/remote_access_reg/remote_access_reg.log
new file mode 100644
index 00000000..e7ff83f3
--- /dev/null
+++ b/datasets/attack_techniques/T1112/remote_access_reg/remote_access_reg.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6dcdb8e7f63ec337464ed69e3e2e197d9bda49339f33c903fc111189ac253d4f
+size 5484
diff --git a/datasets/attack_techniques/T1112/remote_access_reg/remote_access_reg.yml b/datasets/attack_techniques/T1112/remote_access_reg/remote_access_reg.yml
new file mode 100644
index 00000000..9e857498
--- /dev/null
+++ b/datasets/attack_techniques/T1112/remote_access_reg/remote_access_reg.yml
@@ -0,0 +1,13 @@
+author: Teoderick Contreras, Splunk
+id: cd569370-2768-11f1-9dd5-629be353806a
+date: '2026-03-24'
+description: Generated datasets for remote access reg in attack range.
+environment: attack_range
+directory: remote_access_reg
+mitre_technique:
+- T1112
+datasets:
+- name: remote_access_reg.log
+ path: /datasets/attack_techniques/T1112/remote_access_reg/remote_access_reg.log
+ sourcetype: 'XmlWinEventLog'
+ source: 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'
\ No newline at end of file
diff --git a/datasets/attack_techniques/T1218.011/random_dll_extension/random_dll_extension.yml b/datasets/attack_techniques/T1218.011/random_dll_extension/random_dll_extension.yml
new file mode 100644
index 00000000..012e862a
--- /dev/null
+++ b/datasets/attack_techniques/T1218.011/random_dll_extension/random_dll_extension.yml
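Review bot: The `description` in remote_access_reg.yml is the generator's placeholder and never says which registry keys or values the T1112 sample modifies, or which Sysmon event IDs the log holds, so a detection author cannot tell what the dataset validates without pulling the LFS object. Consider something like `description: Sysmon registry events from <simulation/tool> setting <registry path/value> to enable remote access, captured in attack range.` with the placeholders filled in from the actual capture. The same applies to the `description` in random_dll_extension.yml (T1218.011), where the directory is `random_dll_extension` but the log is named `random_dll_rundll32.log`; a sentence tying the two together would help. Both files also end without a trailing newline.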
@@ -0,0 +1,13 @@
+author: Teoderick Contreras, Splunk
+id: 9fd9defc-2768-11f1-9dd5-629be353806a
+date: '2026-03-24'
+description: Generated datasets for random dll extension in attack range.
+environment: attack_range
+directory: random_dll_extension
+mitre_technique:
+- T1218.011
+datasets:
+- name: random_dll_rundll32.log
+ path: /datasets/attack_techniques/T1218.011/random_dll_extension/random_dll_rundll32.log
+ sourcetype: 'XmlWinEventLog'
+ source: 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'
\ No newline at end of file
diff --git a/datasets/attack_techniques/T1218.011/random_dll_extension/random_dll_rundll32.log b/datasets/attack_techniques/T1218.011/random_dll_extension/random_dll_rundll32.log
new file mode 100644
index 00000000..0451f752
--- /dev/null
+++ b/datasets/attack_techniques/T1218.011/random_dll_extension/random_dll_rundll32.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fcab984bb700abbd3fd27a150cbd70b907f608ea177c3487cb04796946f2e614
+size 8253