diff --git a/APT28/README.MD b/APT28/README.MD
new file mode 100644
index 0000000..525d991
--- /dev/null
+++ b/APT28/README.MD
@@ -0,0 +1,22 @@
+### RELATED REPORT
+
+[1] https://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-full.pdf
+
+[2] https://www.welivesecurity.com/2017/05/09/sednit-adds-two-zero-day-exploits-using-trumps-attack-syria-decoy/
+
+[3] https://www.emanueledelucia.net/apt28-targeting-military-institutions/
+
+[4] https://www.emanueledelucia.net/apt28-sofacy-seduploader-under-the-christmas-tree/
+
+[5] https://unit42.paloaltonetworks.com/unit42-sofacy-continues-global-attacks-wheels-new-cannon-trojan/
+
+[6] https://unit42.paloaltonetworks.com/dear-joohn-sofacy-groups-global-campaign/
+
+[7] https://unit42.paloaltonetworks.com/sofacy-creates-new-go-variant-of-zebrocy-tool/
+
+[8] https://blog.trendmicro.co.jp/archives/19829
+
+[9] https://www.welivesecurity.com/2018/11/20/sednit-whats-going-zebrocy/
+
+
+
diff --git a/APT28/REALTED_REPORT.org b/APT28/REALTED_REPORT.org
deleted file mode 100644
index c166d51..0000000
--- a/APT28/REALTED_REPORT.org
+++ /dev/null
@@ -1,12 +0,0 @@
-https://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-full.pdf
-https://www.welivesecurity.com/2017/05/09/sednit-adds-two-zero-day-exploits-using-trumps-attack-syria-decoy/
-https://www.emanueledelucia.net/apt28-targeting-military-institutions/
-https://www.emanueledelucia.net/apt28-sofacy-seduploader-under-the-christmas-tree/
-https://unit42.paloaltonetworks.com/unit42-sofacy-continues-global-attacks-wheels-new-cannon-trojan/
-https://unit42.paloaltonetworks.com/dear-joohn-sofacy-groups-global-campaign/
-https://unit42.paloaltonetworks.com/sofacy-creates-new-go-variant-of-zebrocy-tool/
-https://blog.trendmicro.co.jp/archives/19829
-https://www.welivesecurity.com/2018/11/20/sednit-whats-going-zebrocy/
-https://twitter.com/DrunkBinary
-https://github.com/williballenthin/idawilli/blob/master/scripts/yara_fn/yara_fn.py
-https://twitter.com/r0ny_123
\ No newline at end of file