diff --git a/datasets/attack_techniques/T1036/executables_suspicious_file_path/executables_suspicious_file_path_old.yml b/datasets/attack_techniques/T1036/executables_suspicious_file_path/executables_suspicious_file_path_old.yml
index cfde589e..997135c6 100644
--- a/datasets/attack_techniques/T1036/executables_suspicious_file_path/executables_suspicious_file_path_old.yml
+++ b/datasets/attack_techniques/T1036/executables_suspicious_file_path/executables_suspicious_file_path_old.yml
@@ -3,9 +3,14 @@ id: 44ea25a8-f053-11ef-bb6f-629be3538068
 date: '2025-02-21'
 description: Generated datasets for executables suspicious file path in attack range.
 environment: attack_range
-dataset:
-- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1036/executables_suspicious_file_path/exec_susp_path2.log
-sourcetypes:
-- 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'
+directory: executables_suspicious_file_path
+mitre_technique:
+ - T1036
+datasets:
+ - name: exec_susp_path2
+ path: https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1036/executables_suspicious_file_path/exec_susp_path2.log
+ sourcetype: XmlWinEventLog
+ source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
+
 references:
-- https://twitter.com/pr0xylife/status/1590394227758104576
\ No newline at end of file
+ - https://twitter.com/pr0xylife/status/1590394227758104576
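Review bot: The new `source` value under `datasets` is a plain scalar containing a colon, whereas the removed `sourcetypes` entry carried the same string in single quotes. It still loads as a string because no space follows the colon, but quoting it keeps the value stable under later edits and matches the quoted `date: '2025-02-21'` above: `source: 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'`. Separately, `path` still resolves against the mutable `master` branch, so the replayed log can change without this file changing. If the dataset schema allows it, a commit-pinned URL or a recorded checksum would make a swapped or truncated log visible to whoever runs the detection test.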