diff --git a/offshore APT organization/Bitter/27-08-19/YARA_Rule_Bitter_Variant1_August_2019.txt b/offshore APT organization/Bitter/27-08-19/YARA_Rule_Bitter_Variant1_August_2019.txt
index 8298aa4..6272a2a 100644
--- a/offshore APT organization/Bitter/27-08-19/YARA_Rule_Bitter_Variant1_August_2019.txt
+++ b/offshore APT organization/Bitter/27-08-19/YARA_Rule_Bitter_Variant1_August_2019.txt
@@ -20,15 +20,15 @@ rule ArtraDownlaoder_bin_Variant1
 strings:
 $string1 = "bqqmjdbujpo0y.xxx.gpsn.vsmfodpefe"
- $string2 = "=%s&st=%d"
+ $string2 = "=%s&st=%d"
 $string3 = "Content-length: %d"
 $string4 = "0I0N0V0\\0o0v0"
 $string5 = "ID=%s"
 $string6 = "QPTU"
- $string7 = "lffq.bmjwf"
- $string8 = "Dpoofdujpo"
- $string9 = "Iptu;"
- $string10 = "IUUQ02/1"
+ $string7 = "lffq.bmjwf"
+ $string8 = "Dpoofdujpo"
+ $string9 = "Iptu;"
+ $string10 = "IUUQ02/1"
 condition:
 uint16(0) == 0x5A4D and all of ($string*) and filesize < 100KB
@@ -45,15 +45,15 @@ rule ArtraDownlaoder_mem_Variant1
 strings:
 $string1 = "bqqmjdbujpo0y.xxx.gpsn.vsmfodpefe"
- $string2 = "=%s&st=%d"
+ $string2 = "=%s&st=%d"
 $string3 = "Content-length: %d"
 $string4 = "0I0N0V0\\0o0v0"
 $string5 = "ID=%s"
 $string6 = "QPTU"
- $string7 = "lffq.bmjwf"
- $string8 = "Dpoofdujpo"
- $string9 = "Iptu;"
- $string10 = "IUUQ02/1"
+ $string7 = "lffq.bmjwf"
+ $string8 = "Dpoofdujpo"
+ $string9 = "Iptu;"
+ $string10 = "IUUQ02/1"
 condition:
 all of ($string*) and filesize > 100KB