From 72f62e65e077ac9d793dca8387cf584f5da5e55c Mon Sep 17 00:00:00 2001
From: StrangerealIntel <54320855+StrangerealIntel@users.noreply.github.com>
Date: Mon, 9 Sep 2019 15:40:06 +0200
Subject: [PATCH] Update Malware analysis 27-08-19.md
---
Indian/APT/Patchwork/27-08-19/Malware analysis 27-08-19.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Indian/APT/Patchwork/27-08-19/Malware analysis 27-08-19.md b/Indian/APT/Patchwork/27-08-19/Malware analysis 27-08-19.md
index c3f53fa..738a19b 100644
--- a/Indian/APT/Patchwork/27-08-19/Malware analysis 27-08-19.md
+++ b/Indian/APT/Patchwork/27-08-19/Malware analysis 27-08-19.md
@@ -12,7 +12,7 @@
## Malware analysis
### Initial vector
-###### The initial vector is an INP file (format used for the software InPage) with the exploit cve-2017-12824, we can see here the 0x7E and 0x72 represent a class of type in the stream for use, an ole stream for launch the first binary file.
+###### The initial vector is an INP file (format used for the software InPage) with the exploit CVE-2017-12824, we can see here the 0x7E and 0x72 represent a class of type in the stream for use, an ole stream for launch the first binary file.
![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Indian/APT/Patchwork/27-08-19/Images/Exploit.png "")
###### We can see on the strings on the dll, what extract the file in the temp folder and create a thread for the second PE file.
![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/Indian/APT/Patchwork/27-08-19/Images/bin1-String.PNG "")
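Review bot: The changed line under "Initial vector" corrects only the casing of CVE-2017-12824, and the rest of the sentence is still hard to parse: "the 0x7E and 0x72 represent a class of type in the stream for use, an ole stream for launch the first binary file" does not say what the two byte values identify or how they relate to the OLE stream. Suggest splitting it into two sentences, writing "OLE" in capitals to match the CVE fix, and stating plainly which field in the INP stream carries 0x7E and 0x72, so a reader can check it against the Exploit.png screenshot. The same pass could cover the unchanged context line "what extract the file in the temp folder", which has the same grammar problem, and the "alt text" placeholder on both images, which could be replaced with a short description of what each screenshot shows. The subject line "Update Malware analysis 27-08-19.md" does not describe the change; something like "Fix CVE identifier casing" would make the history easier to search.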