diff --git a/dynamic2.md b/dynamic2.md index 4e58874..d5cf6c9 100644 --- a/dynamic2.md +++ b/dynamic2.md @@ -10,7 +10,7 @@ title: Dynamic Analysis Congrats, you made it through the workshop. All of your notes an debugging you should have come up with a similar control flow like the diagram and report below. *Click to Enlarge* -[![alt text](https://securedorg.github.io/images/diagram.png "diagram")](https://securedorg.github.io/images/diagram.png) +[![alt text](https://securedorg.github.io/images/Diagram.png "diagram")](https://securedorg.github.io/images/diagram.png) ## Simple Report @@ -19,11 +19,11 @@ Filename: Unkown.exe Sha256: a635f37c16fc05e554a6c7b3f696e47e8eaf3531407cac27e357851cb710e615 -###Summary +### Summary This file creates a copy of itself in the %APPDATA% location, sets persistence mechanisms, and beacons to definitely-not-evil.com. If beacon is successful, it will open a messagebox, then decrypt the resource which will then spawn a shell window to open the resource. -###General Characteristics +### General Characteristics The file is UPX packed 
@@ -43,31 +43,52 @@ Import Functions: * CreateProcess -###File System IOC +### File System IOC CreateFile C:\Users\victim\AppData\Roaming\dope.exe CreateFile icon.gif Network IOC -GET /ayy HTTP/1.1 Content-Type: text/html MySpecialHeader: whatever User-Agent: definitely-not-evil.com Host: definitely-not-evil.com Cache-Control: no-cache +GET /ayy HTTP/1.1 -###Registry IOC +Content-Type: text/html + +MySpecialHeader: whatever + +User-Agent: definitely-not-evil.com + +Host: definitely-not-evil.com + +Cache-Control: no-cache + +### Registry IOC RegQueryValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dope -###Behavior & Control Flow +### Behavior & Control Flow Processes Created dope.exe 1) Starts by decoding xor strings + 2) Checks to see if dope.exe already exists in %APPDATA% + 3) If it doesn't exist create a copy of itself to %APPDATA% as dope.exe + 4) Set the startup registry key + 5) Start the newly copied dope.exe process + 6) Delete the original + 7) Dope.exe will check the registry key if set + 8) Call out to definitely-not-evil.com + 9) If the result is "lmao" it will open a messagebox and extract the resource + 10) Base64 decode the resource + 11) Save decoded resource as icon.gif + 12) Shellexecute to open icon.gif [Section 6 <- Back](https://securedorg.github.io/RE101/section6) \ No newline at end of file
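Review bot: in the first hunk (@@ -10,7) the image source is changed to `Diagram.png` while the link target on the same line still points at `diagram.png`; on a case-sensitive host such as GitHub Pages only one of the two paths will resolve, so the src and the href should use the same casing (whichever matches the file actually committed under images/). The context line just above, "All of your notes an debugging", reads as a typo for "and debugging" and could be fixed while this line is being touched.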
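Review bot: in the second hunk (@@ -19,11) the change from `###Summary` to `### Summary` and from `###General Characteristics` to `### General Characteristics` is the right fix, since Markdown only treats a `#` run as a heading when a space follows it, but the unchanged context line `Filename: Unkown.exe` looks like a typo for `Unknown.exe` unless that is the sample's literal file name; please confirm and correct it in the same commit if it is not.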
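Review bot: in the third hunk (@@ -43,31) the captured HTTP request is split into lines separated by blank lines, which turns each header into its own paragraph and loses the fact that this is one request; a fenced code block around the original lines, `GET /ayy HTTP/1.1`, `Host: definitely-not-evil.com`, `MySpecialHeader: whatever` and so on, would preserve the request verbatim and keep the IOC copy-pasteable. `Network IOC` is also still a bare line while `### File System IOC` and `### Registry IOC` are promoted to headings in this same hunk, so it should become `### Network IOC` for consistency. The file also still ends without a trailing newline, as the `\ No newline at end of file` marker shows.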