diff --git a/ontologies/vocabs.ttl b/ontologies/vocabs.ttl
index e419b1d..07def2f 100644
--- a/ontologies/vocabs.ttl
+++ b/ontologies/vocabs.ttl
@@ -191,6 +191,20 @@ gist:ToolType
 	gist:stixTerm "tool-type-ov"^^xsd:string ;
 	.
 
+gist:WindowsPEBinaryType
+	a owl:Class ;
+	rdfs:subClassOf gist:StixCategoryObject ;
+	skos:definition """STIX 2.1 description: 
+The Windows PE binary vocabulary is currently used in the following SCO(s):
+●      File (Windows PE Binary extension)
+
+An open vocabulary of Windows PE binary types."""^^xsd:string ;
+	skos:example ""^^xsd:string ;
+	skos:note ""^^xsd:string ;
+	skos:prefLabel "Windows™ PE Binary Vocabulary"^^xsd:string ;
+	gist:stixTerm "windows-pebinary-type-ov"^^xsd:string ;
+	.
+
 gist:WindowsServiceStatus
 	a owl:Class ;
 	rdfs:subClassOf gist:StixCategoryObject ;
@@ -2662,6 +2676,30 @@ Tools used to scan systems and networks for vulnerabilities, e.g., Nessus."""^^x
 	gist:stixTerm "vulnerability-scanning"^^xsd:string ;
 	.
 
+gist:_WindowsPEBinaryType_dll
+	a gist:WindowsPEBinaryType ;
+	skos:definition """STIX 2.1 description: 
+Specifies that the PE binary is a dynamically linked library (DLL)."""^^xsd:string ;
+	skos:prefLabel "DLL"^^xsd:string ;
+	gist:stixTerm "dll"^^xsd:string ;
+	.
+
+gist:_WindowsPEBinaryType_exe
+	a gist:WindowsPEBinaryType ;
+	skos:definition """STIX 2.1 description: 
+Specifies that the PE binary is an executable image (i.e., not an OBJ or DLL)."""^^xsd:string ;
+	skos:prefLabel "EXE"^^xsd:string ;
+	gist:stixTerm "exe"^^xsd:string ;
+	.
+
+gist:_WindowsPEBinaryType_sys
+	a gist:WindowsPEBinaryType ;
+	skos:definition """STIX 2.1 description: 
+Specifies that the PE binary is a device driver (SYS)."""^^xsd:string ;
+	skos:prefLabel "SYS"^^xsd:string ;
+	gist:stixTerm "sys"^^xsd:string ;
+	.
+
 gist:_WindowsServiceStatus_service-continue-pending
 	a gist:WindowsServiceStatus ;
 	skos:definition """STIX 2.1 description: