From 38eb6e76291d59b5780e9af864a2686b7f123f84 Mon Sep 17 00:00:00 2001 From: Amanda Rousseau Date: Sun, 26 Mar 2017 00:17:51 -0700 Subject: [PATCH] updating triage --- triage.md | 1 + 1 file changed, 1 insertion(+) diff --git a/triage.md b/triage.md index a5404a3..03d35e5 100644 --- a/triage.md +++ b/triage.md @@ -84,6 +84,7 @@ You can use the **Malware Analysis Report** template [HERE](https://securedorg.g 5. Calculate the hash using **quickhash**, go to virustotal.com and search the hash 6. Open the file in **BinText** and record any interesting strings 7. Quick Detonation + The point of the quick detonation is to capture the filesystem, registry, and connection activity. The VMs are set up in such a way that the Victim VM's internet traffic is captured by the Sniffer VM. ![alt text](https://securedorg.github.io/images/triageVMs.gif "Victim and Sniffer")
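Review bot: The single inserted line, directly after "7. Quick Detonation", appears to be empty, so the commit seems to change only how the paragraph beginning "The point of the quick detonation" renders, and the subject "updating triage" does not say that. A subject that names the fix would make the history easier to follow, for example "triage: add blank line after Quick Detonation step". If that paragraph and the triageVMs.gif image are meant to belong to step 7, also indent them under the list item if they are not already indented: an unindented paragraph after a blank line ends the numbered list in Markdown, and some renderers then restart the numbering for any later step.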