diff --git a/apts/blacktech/info.md b/apts/blacktech/info.md index 692fe81..5b97125 100644 --- a/apts/blacktech/info.md +++ b/apts/blacktech/info.md @@ -118,6 +118,12 @@ cb1a536e11ae1000c1b29233544377263732ca67cd679f3f6b20016fbd429817 ``` +[7] +``` +mx[.]msdtc.tw +3fefceeab9f845f9ddbe9c3a0712d45aad4c87fdbb178d13955944dbe6b338a3 +168.95.1[.]1 +``` @@ -138,4 +144,5 @@ cb1a536e11ae1000c1b29233544377263732ca67cd679f3f6b20016fbd429817 [2]: https://www.trendmicro.com/en_us/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html [3]: https://www.trendmicro.com/en_us/research/19/l/waterbear-is-back-uses-api-hooking-to-evade-security-product-detection.html [5]: https://blogs.jpcert.or.jp/en/2022/09/bigip-exploit.html -[6]: https://x.com/ESETresearch/status/1382054011264700416 \ No newline at end of file +[6]: https://x.com/ESETresearch/status/1382054011264700416 +[7]: https://cyberandramen.net/2021/02/11/blacktech-updates-elf-plead-backdoor/ \ No newline at end of file
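Review bot: In the new [7] indicator block the defanging is inconsistent: `mx[.]msdtc.tw` brackets only the first dot and `168.95.1[.]1` only the last one. The three values (a domain, a 64-character hex hash and an IPv4 address) also share one fence with no type or role label. Suggest defanging on a single convention and stating what each indicator is, in particular what role the IP address plays in the [7] source, so that a reader who loads this list into detection tooling does not treat all three as equivalent.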
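Review bot: In the reference-list hunk the new last line, the `[7]:` link, is still followed by "\ No newline at end of file", so the file keeps ending without a trailing newline and the next appended reference will again have to rewrite the preceding line, as this change did to `[6]:`. Suggest ending the file with a newline. The visible context also goes from `[3]:` straight to `[5]:`, so it is worth confirming that the missing `[4]:` is intended.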