diff --git a/apts/blacktech/info.md b/apts/blacktech/info.md
index 4aa7a13..4150149 100644
--- a/apts/blacktech/info.md
+++ b/apts/blacktech/info.md
@@ -841,7 +841,117 @@ music.ftp.sh
 forums.happyforever.com
 ```
+[11]
+```
+https[:]//wwww.uinvest-europe[.]com/pfxg.bin
+```
+[12]
+
+
+```
+
+TsCookie
+
+6d2f5675630d0dae65a796ac624fb90f42f35fbe5dec2ec8f4adce5ebfaabf75
+cdf0e4c415eb55bccb43a650e330348b63bc3cbb53f71a215c44ede939b4b830
+17f1996ad7e602bd2a7e9524d7d70ee8588dac51469b08017df9aaaca09d8dd9
+1fa7cbe57eedea0ebc8eb37b91e7536c07be7da7775a6c01e5b14489387b9ca8
+e451a1e05c0cc363a185a98819cd2af421ac87154702bf72007ecc0134c7f417
+1da9b4a84041b8c72dad9626db822486ce47b9a3ab6b36c41b0637cd1f6444d6
+35f966187098ac42684361b2a93b0cee5e2762a0d1e13b8d366a18bccf4f5a91
+0683437aebd980c395a83e837a6056df1a21e137e875f234d1ed9f9a91dfdc7f
+0debbcc297cb8f9b81c8c217e748122243562357297b63749c3847af3b7fd646
+96306202b0c4495cf93e805e9185ea6f2626650d6132a98a8f097f8c6a424a33
+6b66c6d8859dfe06c0415be4df2bd836561d5a6eabce98ddd2ee54e89e37fd44
+06a9c71342eeb14b7e8871f77524e8acc7b86670411b854fa7f6f57c918ffd2b
+20f7f367f9cb8beca7ce1ba980fafa870863245f27fea48b971859a8cb47eb09
+f16befd79b7f8ffdaf934ef337a91a5f1dc6da54c4b2bee5fe7a0eb38e8af39e
+12b0f1337bda78f8a7963d2744668854d81e1f1b64790b74d486281bc54e6647
+201bf3cd2a723d6c728d18a9e41ff038549eac8406f453c5197a1a7b45998673
+5443ee54a532846da3182630e2bb031f54825025700bcd5f0e34802e7345c7b2
+39d7d764405b9c613dff6da4909d9bc46620beee7a7913c4666acf9e76a171e4
+afe780ba2af6c86babf2d0270156da61f556c493259d4ca54c67665c17b02023
+4a8237f9ecdad3b51ffd00d769e23f61f1e791f998d1959ad9b61d53ea306c09
+203c924cd274d052e8e95246d31bd168f3d8a0700a774c98eff882c8b8399a2f
+
+220.130.216.76
+60.244.52.29
+45.76.102.145
+jpcerts.jpcertinfo.com
+jpcert.ignorelist.com
+twnicsi.ignorelist.com
+twcertcc.jumpingcrab.com
+okinawas.ssl443.org
+apk36501.flnet.org
+appinfo.fairuse.org
+carcolors.effers.com
+edu.microsoftmse.com
+eoffice.etowns.org
+epayplus.flnet.org
+fatgirls.fatdiary.org
+gethappy.effers.com
+iawntsilk.dnset.com
+inewdays.csproject.org
+ktyguxs.dnset.com
+lang.suroot.com
+langlang.dnset.com
+longdays.csproject.org
+lookatinfo.dnset.com
+newtowns.flnet.org
+ntp.ukrootns1.com
+office.dns04.com
+savecars.dnset.com
+splashed.effers.com
+sslmaker.ssl443.org
+
+TSCookieRAT
+
+2bd13d63797864a70b775bd1994016f5052dc8fd1fd83ce1c13234b5d304330d
+
+
+```
+
+[12]
+```
+flagpro
+
+54e6ea47eb04634d3e87fd7787e2136ccfbcc80ade34f246a12cf93bab527f6b
+e197c583f57e6c560b576278233e3ab050e38aa9424a5d95b172de66f9cfe970
+655ca39beb2413803af099879401e6d634942a169d2f57eb30f96154a78b2ad5
+840ce62f92fc519cd1a33b62f4b9f92a962b7fb28c12d2f607dec0b520e6a4b2
+ba27ae12e6f3c2c87fd2478072dfa2747d368a507c69cd90b653c9e707254a1d
+77680fb906476f0d84e15d5032f09108fdef8933bcad0b941c9f375fedd0b2c9
+e81255ff6e0ed937603748c1442ce9d6588decf6922537037cf3f1a7369a8876
+45[.]76.184.227
+45[.]32.23.140
+139[.]162.87.180
+107[.]191.61.40
+172[.]104.109.217
+org.misecure[.]com
+update.centosupdates[.]com
+```
+
+
+[13]
+```
+plead malware
+
+80AE7B26AC04C93AD693A2D816E8742B906CC0E3
+62A693F5E4F92CCB5A2821239EFBE5BD792A46CD
+B01D8501F1EEAF423AA1C14FCC816FAB81AC8ED8
+11A5D1A965A3E1391E840B11705FFC02759618F8
+239786038B9619F9C22401B110CF0AF433E0CEAD
+
+1DB4650A89BC7C810953160C6E41A36547E8CF0B
+CA160884AE90CFE6BEC5722FAC5B908BF77D9EEF
+9C4F8358462FAFD83DF51459DBE4CD8E5E7F2039
+13D064741B801E421E3B53BC5DABFA7031C98DD9
+
+amazon.panasocin[.]com
+office.panasocin[.]com
+okinawas.ssl443[.]org
+```
@@ -855,4 +965,6 @@ forums.happyforever.com
 [7]: https://cyberandramen.net/2021/02/11/blacktech-updates-elf-plead-backdoor/
 [8]: https://blogs.jpcert.or.jp/en/2020/03/elf-tscookie.html
 [9]: https://teamt5.org/tw/posts/technical-analysis-on-backdoor-bifrost-of-the-Chinese-apt-group-huapi/
-[10]: https://www.freebuf.com/column/159865.html
\ No newline at end of file
+[10]: https://www.freebuf.com/column/159865.html
+[11]: https://x.com/8th_grey_owl/status/1481433481485844483
+[12]: https://jp.security.ntt/tech_blog/102hf3q
\ No newline at end of file