diff --git a/configs/recon-rename-wmi-cmd-evasion.json b/configs/recon-rename-wmi-cmd-evasion.json
index f68666e..b402e87 100755
--- a/configs/recon-rename-wmi-cmd-evasion.json
+++ b/configs/recon-rename-wmi-cmd-evasion.json
@@ -1,15 +1,15 @@
 {
-	"description": "Recon payload with powershell renaming, and PS command execution via WMI, including evasion",
+	"description": "Recon payload with powershell renaming, and PS command execution via WMI, including process check evasion",
 	"template": "templates/payloads/recon-rename-wmi-cmd-evasion.vba",
 	"varcount": 150,
 	"encodingoffset": 4,
 	"chunksize": 200,
 	"encodedvars":{
 				"URL":"FULL URL THAT LOGS POST REQUESTS",
-                "PROCESS_NAME":"outlook.exe",
-                "SRC": "C:\\Windows\\System32\\WindowsPowershell\\v1.0\\powershell.exe",
-                "DST": "FILENAME.EXE",
-                "TEMP": "TEMP"
+                		"PROCESS_NAME":"outlook.exe",
+                		"SRC": "C:\\Windows\\System32\\WindowsPowershell\\v1.0\\powershell.exe",
+                		"DST": "FILENAME.EXE",
+                		"TEMP": "TEMP"
 			},
 	"vars": 	[],
 	"evasion": 	["encoder", "process"],