diff --git a/salt/sensoroni/files/analyzers/threatfox/threatfox.json b/salt/sensoroni/files/analyzers/threatfox/threatfox.json
index 2ae3ca909..e9640e7d5 100644
--- a/salt/sensoroni/files/analyzers/threatfox/threatfox.json
+++ b/salt/sensoroni/files/analyzers/threatfox/threatfox.json
@@ -1,6 +1,6 @@
 {
   "name": "Threatfox",
-  "version": "0.2",
+  "version": "0.3",
   "author": "Security Onion Solutions",
   "description": "This analyzer queries Threatfox to see if a domain, hash, or IP is considered malicious.",
   "supportedTypes" :  ["domain","hash","ip"],
diff --git a/salt/sensoroni/files/analyzers/threatfox/threatfox.py b/salt/sensoroni/files/analyzers/threatfox/threatfox.py
index a20f072ed..02311bfab 100644
--- a/salt/sensoroni/files/analyzers/threatfox/threatfox.py
+++ b/salt/sensoroni/files/analyzers/threatfox/threatfox.py
@@ -51,7 +51,7 @@ def prepareResults(raw):
             status = 'info'
         else:
             status = 'ok'
-    elif raw != {} and raw['query_status'] in ['no_result', 'illegal_search_term', 'illegl_hash']:
+    elif raw != {} and raw['query_status'] in ['no_result', 'illegal_search_term', 'illegal_hash']:
         status = 'info'
         summary = 'no result'
     else: