Update Malware analysis 26-08-19.md

StrangerealIntel 2019-09-05 13:13:38 +02:00 committed by GitHub
parent 74c3eb8794
commit 29e50377ac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -20,6 +20,11 @@
### Initial vector <a name="Initial-vector"></a>
###### The initial vector use an SFX executable, who drop a lnk file for the persistence, a vbs file and the docx file for decoys the victim.
![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Israel/APT/Unknown/26-08-19/Images/strings.png "")
###### We can note that the topic of the document only for decoy the victims is about a scandal in the Hamas leaders.
![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Israel/APT/Unknown/26-08-19/Images/content.png "")
###### Here the translation in english of the content of the document.
###### A new scandal for a Hamas leader <br> In the difficult circumstances of our people in the Gaza Strip, and what the head of the family suffers in order to earn a living, but financial and moral corruption does not end in this stray rogue in the name of religion. <br> We received leaked news that RA, a Hamas leader in the northern Gaza Strip, was interrogated on charges of financial embezzlement. Investigations show that he has an affair with a girl. As the private source said to us, he was stopped from practicing any political or movement activity after this incident. <br> Question how long ????????????????? <br> For more details please email us at the following email. <br> palemptn@yahoo[.]com
###### We can note too that the email address is valid and invite to send a mail about this event.
###### We can also note the multiples possibilities for push the persistence and options.
![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Israel/APT/Unknown/26-08-19/Images/lnkfile.png "")
###### This execute the vbs file for push the persistence in the startup menu, hide it in changing these attributes and launch the persistence (lnk file)
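Review bot: Several of the added lines need grammar fixes before merge, and the last line is too vague to be useful to a reader: "The initial vector use an SFX executable, who drop a lnk file for the persistence, a vbs file and the docx file for decoys the victim" should read "The initial vector uses an SFX executable, which drops a lnk file for persistence, a vbs file and a docx file used as a decoy for the victim"; "only for decoy the victims" should be "used only to decoy the victims"; "for push the persistence" should be "to set up persistence" in both places. In the final line, "hide it in changing these attributes" does not say which file attributes the vbs changes or on which file, so either name the attribute(s) and the target or drop the claim; the line also ends without a full stop. Style point: the body paragraphs are written as `######` level-6 headings to get small text, which puts every sentence of the analysis into the document outline; plain paragraphs (or `<small>` if the smaller size is wanted) would keep the outline limited to the real section heading "Initial vector". Minor: "Here the translation in english" should be "Here is the translation in English".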