diff --git a/offshore APT organization/Bitter/27-08-19/decrypt/Readme.md b/offshore APT organization/Bitter/27-08-19/decrypt/Readme.md new file mode 100644 index 0000000..87cc30d --- /dev/null +++ b/offshore APT organization/Bitter/27-08-19/decrypt/Readme.md @@ -0,0 +1,10 @@ +## Tool for decoding the encoded strings of ArtraDownloader +##### This tool decoding the encoded strings of the three variants of ArtraDownloader used by the APT Bitter group (August 2019) +##### The following syntax is the next : +```sh +> decrypt.ps1 "[Encoded string]" [Num Variant] +``` +##### This will be give you the following result : +![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/offshore%20APT%20organization/Bitter/27-08-19/decrypt/Result.png) +##### URL Tool : https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/offshore%20APT%20organization/Bitter/27-08-19/decrypt/decrypt.ps1 +##### Ref Analysis: https://unit42.paloaltonetworks.com/multiple-artradownloader-variants-used-by-bitter-to-target-pakistan/
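Review bot: The usage line `> decrypt.ps1 "[Encoded string]" [Num Variant]` in the new Readme.md never says which values `[Num Variant]` accepts or which number corresponds to which of the three ArtraDownloader variants, so a reader has to open the script or the Unit 42 analysis to find out. Suggest listing the accepted values, one line per variant. The only output example is the image Result.png, so a short text sample of one encoded input and its decoded result would also help: it stays searchable and still reads if the image link breaks. The usage fence is tagged `sh` although the command is a PowerShell script; `powershell` would be the accurate tag, and writing the call as `.\decrypt.ps1` matches how PowerShell runs a script from the current directory. Wording in the headings needs a pass: "This tool decoding" should be "This tool decodes", "The following syntax is the next :" could simply be "Usage:", and "This will be give you the following result :" should be "This gives the following result:".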