diff --git a/Pakistan/APT/Gorgon/09-09-19Malware analysis 09-09-19.md b/Pakistan/APT/Gorgon/09-09-19Malware analysis 09-09-19.md new file mode 100644 index 0000000..8fa51d0 --- /dev/null +++ b/Pakistan/APT/Gorgon/09-09-19Malware analysis 09-09-19.md 
@@ -0,0 +1,52 @@ +# New samples, same TTPs and accounts +## Table of Contents +* [Malware analysis](#Malware-analysis) + + [Initial vector](#Initial-vector) +* [Cyber Threat Intel](#Cyber-Threat-Intel) +* [Indicators Of Compromise (IOC)](#IOC) +* [References MITRE ATT&CK Matrix](#Ref-MITRE-ATTACK) +* [Links](#Links) + + [Original Tweet](#Original-Tweet) + + [Link Anyrun](#Links-Anyrun) + + [Documents](#Documents) + +## Malware analysis +### Initial vector +###### The initial vector +![alt text](link "") + +## Cyber kill chain +###### The process graph resume the cyber kill chain used by the attacker. +![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Pakistan/APT/Gorgon/09-09-19/Images/Cyberkillchain.png "") +## Cyber Threat Intel +## References MITRE ATT&CK Matrix +###### List of all the references with MITRE ATT&CK Matrix + +|Enterprise tactics|Technics used|Ref URL| +| :---------------: |:-------------| :------------- | +|||| +|||| +|||| + +## Indicators Of Compromise (IOC) + +###### List of all the Indicators Of Compromise (IOC) + +| Indicator | Description| +| ------------- |:-------------:| +||| +||Domain requested| +||IP requested| +||HTTP/HTTPS requests|| +||IP C2| +||Domain C2| +###### This can be exported as JSON format [Export in JSON]() + +## Links +###### Original tweet: [https://twitter.com/Rmy_Reserve/status/1171381881461338112](https://twitter.com/Rmy_Reserve/status/1171381881461338112) +* [Ref previous analysis:](https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/Pakistan/APT/Gorgon/23-08-19/Malware%20analysis%2025-08-19.md) +###### Links Anyrun: +* [0ec07af14a5338805ed45bcc0a90b20811fd0c9b57ab0f5e1cfd97cd1696c1c2.xls](https://app.any.run/tasks/bb1279af-7fff-4b37-8439-7b303f113082) +* [PO # 8872521.xlt](https://app.any.run/tasks/ff27dd57-9484-4c1c-9a13-6eedf3ede657) +###### Documents: +* [link]()
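Review bot: the new file path `Pakistan/APT/Gorgon/09-09-19Malware analysis 09-09-19.md` looks like a missing `/` after the date directory: the image link in the same hunk points at `.../Gorgon/09-09-19/Images/Cyberkillchain.png` and the linked previous analysis lives under `23-08-19/Malware%20analysis%2025-08-19.md`, so this report should sit in `09-09-19/` as well. The document is otherwise a skeleton committed with its placeholders still in: `![alt text](link "")` under "Initial vector", `[Export in JSON]()` and `[link]()` with empty targets, and every data row of the IOC and MITRE tables blank, so nothing on the page yet supports the title "same TTPs and accounts"; either fill the hashes, domains, IPs and technique IDs from the two Any.Run tasks that are linked, or mark the file as a draft. Smaller points in the same hunk: the table-of-contents anchors `#IOC` and `#Ref-MITRE-ATTACK` do not match the headings they point to (GitHub generates `#indicators-of-compromise-ioc` and `#references-mitre-attck-matrix`), the "Cyber kill chain" section is missing from the TOC while the TOC orders IOC before MITRE but the body has them the other way round, the row `||HTTP/HTTPS requests||` has four cells in a two-column table and will render with a stray pipe, and "Technics used" / "The process graph resume the cyber kill chain" should read "Techniques used" / "The process graph summarizes the cyber kill chain".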