From 7a3746422aea675ae1c5beb32d70ee3382d3dfdb Mon Sep 17 00:00:00 2001
From: junk
Date: Thu, 9 Jan 2025 19:52:29 -0500
Subject: [PATCH] Update apts/blacktech/info.md
---
apts/blacktech/info.md | 681 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 680 insertions(+), 1 deletion(-)
diff --git a/apts/blacktech/info.md b/apts/blacktech/info.md
index ff38ca8..4aa7a13 100644
--- a/apts/blacktech/info.md
+++ b/apts/blacktech/info.md
@@ -162,6 +162,684 @@ rule RAT_BiFrost_UNIX } ``` +[10] +``` +3cc380f2e0f3333e064f37666631962e6 + +34e38d4b970be9f19b6f29c83023b498 + +dc60b65a6082e800ac55d39aca18c1b + +b3dfe482568c508bc21f8da8a291f2cd + +57c0114780d2860a3adbae095c72a97d + +5fc4a20161b6d95d5bd0c0567472c4b0 + +1134972f093ab1ef08b912cabbc43b39 + +6b022a8cea1bd0e3b511961c7f12da0e + +58ebad50377af27347a4a216625ec8c7 + +bc6b1264f9dfebdde7a4b94ff0f61c83 + +b0969efc34fe6d06542942b14295305b + +4085f90f6934422921bd8602f0a975c0 + +fda02aaff2ea8c91283f1041257cf36f + +f0d23a1d2db6f1c52e46f1f0c09ab98 + +0fd48bd160854bea6e9df66a9451b9ed + +f3ebe8a08320fe1106e3932873a4bfe + +f9fb509be917ac38f440e716fa6a332 + +8c2e717c09cee5234bec059decc04fbc + +3d356c2d84c39bab9fcb1fea1a132f6a + +2267326efac998fa4ddbc7d8e3940c0d + +3c4fe121835467d056a7b60eaf3257b + +5708d6c871e56833020be00fcac9b4fa + +23b1717f7690f2670585ce42abcf07c0 + +dcd88df79393a92bbf29824580649d0c + +fa4bb0c43fcfaaa4d98d6322c376281d + +87835a271ff098d7a0a44e45be83a9d8 + +3b30e94191d82f3566de058a60c4ce41 + +462372c1f7f27ad12cc452dbb3358122 + +d152bfd10a93bf3db0fcacbc3455e9a + +1c00baebd1d2979a1009652dbc58c1fd + +6a97ff47b8d715be62305ff15fb47332 + +9b6f818f769655c8618ae0420bc994ec + +0f8c95206cbfe067d033185b37de467 + +3470568793761e75d72eb0c99a4bb6ec + +c74a645b0a52812f026f5cfe6d168f40 + +c56f890e9a3e4d9ffd2aba80d95b2f89 + +6ea02a64df51ab2f12530ffd2e3688de + +dbeb16d8745a9b9b0daf946d2caecae0 + +acc03ef1eef25c397972ae27087621a6 + +97fdb683e7b56bdf198d2b4c0e9b2715 + +3406ce96eaafd68fa469af2409ad6ffe + +639637d46f64f4e0164e704be98c7c67 + +f5cce3e8c5d8d24edca83ae34d505d61 + +5a7d8fe286333416796cefc19b0f5cba + +87af1c51d21d13899db75f675b1faa87 + +289286f8289b707d41e74a199a88be64 + +c6dc9f750f5ddb01f92ab2b062b80a + +296dcc2bd1f6359466ff068c8001bbec + +b2559336f0e73830a411ce6032474d6e + +c40b172d7e99335e1724dc8ba18a42d7 + +089d583667b28c2182be1b65b74c2ffb + +50ee06096d78ca5eff8d19de8aacf76e + +cab9d743c0868f7edfe11fa9fb99262b + +d39b01a44f1487c4bb3c68a528438144 + 
+59e9af5b230f46df15e076cd6dd82d1e + +45ed3086b3d03b253f8746a174a060d1 + +1423e253f7a8954ca3c74432b5e4d038 + +a735b9c81e6cffd576abd914cc635aea + +cb612bd16abae8bdbd551e78278988f4 + +76055e90b1e1e9d67139c7645c21092e + +7745f7a89aa20da8d681fee4f25741df + +65a4384fcbe3d010a57a8530b27e0a4e + +976f0e7d1b1d5a4c5dc3f714885134dd + +791dbd6071c8d5e04fcaad95b9b6a039 + +808e8a7ff27e284bbd07cee65403b66c + +dee1f09ef83a041555ce8b1f3effab01 + +73add080471429445ecba08d95f03b01 + +8a81e6a62d3bdcffe074807d7173840f + +c288f4729f7cdce991dcf7c2b156e854 + +fd016b952c98a8be9c51c44d2a288c71 + +cea5d1fcf92da7212bcdc2989a3518e7 + +463d74f0085a613c44dc9ded28ba903d + +6b18b1e939e5a06303220ee16f045a50 + +062bcc4ed28b41bab70d7efc2e8b1b11 + +468571266346f4b659b948a67e8ab005 + +662edc1100e2d8863bf713ae47985245 + +ab9b323901bcf38b8b990db3cae2b596 + +bd917f5ac3dc380a6fc53c60c9223deb + +4bcb99623c05fc2abaa1b4090b0bee6c + +79f1af23d5ab729a3071d1f4c2a0606f + +6c3fd725a76d13447306288934ff31c + +9d014bc00ecb311db63beeadf0d8bb19 + +ea1a6799ee02bcadf70b34f7801e525f + +d016d961bf0cf4b3aec5619b1b5ebc60 + +73fabddce8887d0253503daa4a50fdf7 + +f2f1156cc008c30dcd333110a3e279 + +a11d30dcfb8cedcb56dad172b213f388 + +f77bd5d0d0b85c0fb2f986d952891071 + +455aa863278828122b40eb4c2987551 + +4c4647f35c0583fb87ce4a7322d6028 + +34a0be585725b0076e017c8fcb0fc180 + +3214cdac71fa4313d195eb81eace4db8 + +4892a108c084f7471b601194957ec431 + +6c145f1ad75de785a75903a4a5d485e8 + +63d453db999cb3a9b388180b7364d43c + +dc2b8aefe8bd08f196ea7a6f0caa2764 + +3d341703a981388b3fde70173a172f89 + +21328d7653daf14e15eefd3260568a + +69d83dd95abf0f3e9cccaf30d909d8ab + +a2bfef210952aa4177ec03000b231228 + +8820d713e7052abe411cccb92c365783 + +77e8503f721a715a5309f89c88f1da8c + +7a00205cdb74c1d5811cc3c44739a348 + +04a420981c8724b654b30ecb13a1b9a5 + +7f84dea46b4e29911604a2afaf1c57ab + +c64778a2ddcc66db666e63ca6781ef3f + +c6c5b4de5cc10418e2f14305d6541bd4 + +28da4707d69de5cc3d544d6a90fff8ff + +259ce74e8a6ddc2507efa64371f3d45e + 
+89eb892d945034e549118cda2120c17d + +7021e319704ba7bddcdc37716a5c879e + +123a97612de9089409ad512f3bb2379a + +7d166e7a86084eeae5f42211ace8622c + +a54ef716802bfdcdf362e433efdnedab + +402627c57c6127187c7ee1ba9b4e11ad + +391974cd1e5338938faf7f9a22ee3bf5 + +64ec5419edd9ff050d839845a0a5bea3 + +f7675431685701edb506ffebc182f6ef + +2a233c4f6571a2fc3342d6edf3c1e98d + +2a94c32c20dd4632e0a5084b134e6344 + +73993f9f448449f0c5c6977664cfd8fa + +f0c1cc799d56d58f528f41039895f8f8 + +019ef03e6b34991c31518ceafa3c6498 + +01a916c6863f98d8126bb75a4f291a5d + +c6e098547bace9c4844dd99230a525b8 + +413a34cb61e954c4e82a63875cce9a67 + +1c460850b55125a7d1f554ee0203fa25 + +886cedd85d6d4F65233cd1ae844d41e7 + +7ca58dd5daa70dd5dc278070512eb394 + +b7bf246b1481b24ff262cd03c53caf15 + +410ceb4d5008887a66587130d57adeee + +cf128ba5945102e1b1a089032f2e4bc1 + +cad875330c25231211fc9a416c3846b7 + +842e7ed1d9a3148c706e2f5e80e01735 + +cfc48c66c7630653faa136ba83617cb0 + +7fbeaaa329ceb7deb0077d9c95b99883f + +e5c8b3017d309a7383c9504d7e318596 + +737c6923effeee58717f613db304955a + +601a4718678a290c004b531b498e40fa + +18c409071622553a1d66e0a02d261f7f + +70b31b12a5ba644de0093970af9866b8 + +69b4467e347dcf360ef7d2dd2a869601 + +ec7c6b43beec56df72cb74dd28b5b1d2 + +22ede86834e0060a88d6f45ce3982277 + +9bb0135b4808331933490d4749d30c11 + +4446ba673bc5c2adf31823301a4fdd3a + +18ca4159820c1766f358de2ffc92a271 + +eb83262ff12ae0839058adeefb7276edb + +b90b0ff065be669d4d882a2861115ea5 + +a6b48f5675c55b124908dd11635919ac + +9e529a8fbc25cc73bafc1e9d881f320f + +c8edfbeec6cbc5de1d81da3311e2536 + +ec07db228c8b271a3e9b0325ad6a56 + +87375cc6cdf60fc92c973ca984946e7f + +8edf98a3e38cf8e2a5414f2ff9a1c2a6 + +9c863613cc5890067a9733eb15cf749e + +b14f8f099e4ebbaf4312eb86d739267f + +c22937cee87b45ba18c1631853648fb + +37bf2df225650b39c9874ecf392a9a9b + +47a0e644aae76b040aaecf7f7b75404b + +299d0c5f43e59fc9415d70816aee56c6 + +76b464c98790d8f01e02d24b53f4486d + +93b68ae2023940bb2e8506d6131d9d27 + +32549e52c76cacf4a4725340c5eaaabd + 
+0db2c1195c97fc909b6fdb4b09227457 + +5f06d234fc285ee9f127f95206696796 + +7a1b0e86d2c7da3f52c74a4ce4b675af + +b9b6488f990a96a1c2f5c3e99a43a212 + +f60de91238d965455629b12694fb9dbc + +926f008ef342ae1cc138687ff68a424a + +03823081d5de20d03cf85259ae7ee47c + +1fe7391ac994bf37d7ccb9c7358c4419 + +5694a226f66e3b07aeb188a54304b371 + +3da2ad2d32f02172623cc5dfb342e43c + +cc18bdaf99fa701796518db86e651702 + +6d355a4339f92d6056f2708194213440 + +e448666cf15651eff32e7296f2f57206 + +5b83dcd3f6615e9b18104088523eaaf3 + +5bb14699b14e48608d43f51c56b88a04 + +5bc08352ad0ca4b3727bd7c509515693 + +ea475f5a99ae4f81d23be81bdcfbb6ac + +0929230644a301857bac09379257883a + +96be4a1c418f10c50659bab0b25b9115 + +7163a7326321ce88f14c2156c29f8386 + +8d31ebecdf790a80175d358212b3dd19 + +5e72bcafef281999bafeff7b9085dc7c + +811ad8d894c461c446843de4a9a3fd42 + +5633009e7ce55be0213e76c74fdcf9d6 + +17cece9c7bbe0c2d6c37056742a7a7e9 + +0fbf6146e6478d9a6945341a45885400 + +09d1ebf1a6c10083f8d66003418e6e06 + +eae2ea929c754a6d65e2b216e5d32e7a + +e5761a294e7955bf234f7dd38b980633 + +b04fab560ac090e0ff3f1c602f3fcfd7 + +6ff0374bf169ddedaf2654c94b985617 + +61d318aacfd97961a9248f696025177e + +593d2f1113836a49cb27cef3ce699933 + +5699884869d8796ab33416c3af5305a2 + +65f4245e3e7f80c47c7e5b7aa23c5920 + +1d87a00f54a16f9c0ee135731296eb58 + +greeting.hopewill.com + +beersale.servebeer.com + +pictures.happyforever.com + +cert.dynet.com + +soo.dtdns.net + +rio.onmypc.org + +paperspot.wikaba.com + +sysinfo.itemdb.com + +asus0213.asuscomm.com + +firstme.mysecondarydns.com + +nspo.itaiwans.com + +injure.ignorelist.com + +dcns.soniceducation.com + +setting.herbalsolo.com + +kh7710103.qnoddns.org.cn + +zing.youdontcare.com + +moutain.onmypc.org + +icst.compress.to + +twcert.compress.to + +festival.lflinkup.net + +xuite.myMom.info + +avira.justdied.com + +showgirls.mooo.com + +linenews.mypicure.info + +zip.zyns.com + +sushow.xxuz.com + +applestore.dnset.com + +superapple.sendsmtp.com + +newspaper.otzo.com + +yahoo.zzux.com + 
+microsfot.ikwb.com + +facebook.itsaol.com + +amazon.otzo.com + +cecs.ben-wan.com + +av100.mynetav.net + +rdec.compress.to + +forums.toythieves.com + +kukupy.chatnook.com + +pictures.wasson.com + +moea.crabdance.com + +hinet.homenet.org + +freeonshop.x24hr.com + +blognews.onmypc.org + +ametoy.acmetoy.com + +usamovie.mylftv.com + +timehigh.ddns.info + +ikwb55.ikwb.com + +dpp.edesizns.com + +hehagame.Got-Game.org + +wendy.uberleet.com + +needjustword.bbsindex.com + +front.fartit.com + +accounts.fartit.com + +177.135.177.54 + +18.163.14.17 + +60.249.208.167 + +220.133.73.13 + +220.134.10.17 + +122.147.248.69 + +220.132.50.81 + +111.249.102.102 + +118.163.14.17 + +59.124.71.29 + +220.134.98.3 + +61.219.96.18 + +114.27.132.233 + +123.110.131.86 + +61.58.90.63 + +122.117.107.178 + +114.39.59.244 + +61.222.32.205 + +60.251.199.226 + +61.56.11.42 + +61.58.90.11 + +123.110.131.86 + +210.67.101.84 + +210.242.211.175 + +211.23.191.4 + +203.74.123.121 + +59.125.7.185 + +59.125.132.175 + +59.120.169.51 + +125.227.241.2 + +125.227.225.181 + +118.163.168.223 + +1.170.118.233 + +dcns.chickenkiller.com + +subnotes.ignorelist.com + +mozila.strangled.net + +boe.pixarworks.com + +moc.mrface.com + +su27.oCry.com + +motc.linestw.com + +ting.qpoe.com + +blognews.ezua.com + +every.b0ne.com + +jog.punked.us + +africa.themafia.info + +tios.nsicscores.com + +dream.wikaba.com + +pcphoto.servehalflife.com + +17ublig.1dumb.com + +effinfo.effers.com + +edit.ctotw.tw + +tw.chatnook.com + +dwnic.crabdance.com + +asus.strangled.net + +furniture.home.kg + +newpower.jkub.com + +cypd.slyip.com + +tabf.garrarufaworld.com + +wordhasword.darktech.org + +techlaw.linestw.com + +techlawilo.effers.com + +support.bonbonkids.hk + +zany.strangled.net + +flog.pgp.com.mx + +job.jobical.com + +picture.diohwm.com + +npa.dynamicdns.org.uk + +webmail.24-7.ro + +docsedit.cleansite.us + +fastnews.ezua.com + +INetGIS.faceboktw.com + +teacher.yahoomit.com + +idb.jamescyoung.com + +picture.brogrammer.org + 
+idb.jamescyoung.com + +picture.brogrammer.org + +movieonline.redirectme.net + +formosa.happyforever.com + +mirdc.happyforever.com + +webey.sbfhome.net + +cust.compradecedines.com.ar + +cwb.soportetechmdp.com.ar + +tw.shop.tm + +music.ftp.sh + +forums.happyforever.com +``` @@ -176,4 +854,5 @@ rule RAT_BiFrost_UNIX [6]: https://x.com/ESETresearch/status/1382054011264700416 [7]: https://cyberandramen.net/2021/02/11/blacktech-updates-elf-plead-backdoor/ [8]: https://blogs.jpcert.or.jp/en/2020/03/elf-tscookie.html -[9]: https://teamt5.org/tw/posts/technical-analysis-on-backdoor-bifrost-of-the-Chinese-apt-group-huapi/ \ No newline at end of file +[9]: https://teamt5.org/tw/posts/technical-analysis-on-backdoor-bifrost-of-the-Chinese-apt-group-huapi/ +[10]: https://www.freebuf.com/column/159865.html \ No newline at end of file
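Review bot: Several entries in the added [10] block cannot be valid MD5 values and will never match in a hash lookup: `3cc380f2e0f3333e064f37666631962e6` is 33 characters, `dc60b65a6082e800ac55d39aca18c1b` is 31, and `a54ef716802bfdcdf362e433efdnedab` contains a non-hex `n`; other entries have the same length problem, which suggests a transcription or OCR step, so each should be re-checked against [10] before the list is loaded into a detection tool. `123.110.131.86`, `idb.jamescyoung.com` and `picture.brogrammer.org` are listed twice, and `18.163.14.17` appears alongside `118.163.14.17` with the same last three octets, so one of the two may be a truncated copy. The block also mixes hashes, hostnames and IPv4 addresses with no labels; separate fences headed `MD5`, `Domains` and `IPv4` would make it usable. Many hostnames appear to sit under shared dynamic-DNS parents (for example `mooo.com`, `asuscomm.com`), so a one-line caveat such as `Match the full hostname; do not block the parent domain.` is worth adding.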