diff --git a/Payloads/Flip-SwiftOnSysmon/Sysmon (1).zip b/Payloads/Flip-SwiftOnSysmon/Sysmon (1).zip
deleted file mode 100644
index 89eebea..0000000
Binary files a/Payloads/Flip-SwiftOnSysmon/Sysmon (1).zip and /dev/null differ
diff --git a/Payloads/Flip-SwiftOnSysmon/SwiftOnSysmon.txt b/Payloads/Flip-Sysmon/SwiftOnSysmon.txt
similarity index 96%
rename from Payloads/Flip-SwiftOnSysmon/SwiftOnSysmon.txt
rename to Payloads/Flip-Sysmon/SwiftOnSysmon.txt
index e7a6d67..193e537 100644
--- a/Payloads/Flip-SwiftOnSysmon/SwiftOnSysmon.txt
+++ b/Payloads/Flip-Sysmon/SwiftOnSysmon.txt
@@ -1,22 +1,22 @@
-REM TITLE Sysmon
-REM AUTHOR Matze
-REM Version: 1.0
-REM Target: Windows
-REM DESCRIPTION: A payload used to install Sysmon with the SwiftOnSecurity rules
-
-DELAY 3000
-GUI r
-DELAY 500
-STRING powershell saps PowerShell -verb runas
-ENTER
-REM The delay below is a longer delay for admins to put in passwords if needed.
-DELAY 8000
-REM Stage 2 (Downloading files)
-STRING Invoke-WebRequest -Uri "DROPBOX LINK HERE" -OutFile "C:\sysmon.zip"
-ENTER
-DELAY 8000
-STRING Expand-Archive C:\sysmon.zip -DestinationPath "C:\Sysmon"
-ENTER
-DELAY 5000
-STRING C:\Sysmon\Sysmon.ps1
+REM TITLE Sysmon
+REM AUTHOR Matze
+REM Version: 1.0
+REM Target: Windows
+REM DESCRIPTION: A payload used to install Sysmon with the SwiftOnSecurity rules
+
+DELAY 3000
+GUI r
+DELAY 500
+STRING powershell saps PowerShell -verb runas
+ENTER
+REM The delay below is a longer delay for admins to put in passwords if needed.
+DELAY 8000
+REM Stage 2 (Downloading files)
+STRING Invoke-WebRequest -Uri "DROPBOX LINK HERE" -OutFile "C:\sysmon.zip"
+ENTER
+DELAY 8000
+STRING Expand-Archive C:\sysmon.zip -DestinationPath "C:\Sysmon"
+ENTER
+DELAY 5000
+STRING C:\Sysmon\Sysmon.ps1
 ENTER
\ No newline at end of file
diff --git a/Payloads/Flip-SwiftOnSysmon/Sysmon.zip b/Payloads/Flip-Sysmon/Sysmon.zip
similarity index 100%
rename from Payloads/Flip-SwiftOnSysmon/Sysmon.zip
rename to Payloads/Flip-Sysmon/Sysmon.zip