diff --git a/apts/blacktech/info.md b/apts/blacktech/info.md index 6e5d4ed..692fe81 100644 --- a/apts/blacktech/info.md +++ b/apts/blacktech/info.md @@ -111,6 +111,24 @@ cb1a536e11ae1000c1b29233544377263732ca67cd679f3f6b20016fbd429817 +[6] +``` +638cfbe609d7f3e88767133be5ea5f9a75f1d703275f38eb9ec2414e179483b9 +220[.]135[.]71[.]92:443 C2 +``` + + + + + + + + + + + + + @@ -119,4 +137,5 @@ cb1a536e11ae1000c1b29233544377263732ca67cd679f3f6b20016fbd429817 [1]: https://www.security.com/threat-intelligence/palmerworm-blacktech-espionage-apt [2]: https://www.trendmicro.com/en_us/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html [3]: https://www.trendmicro.com/en_us/research/19/l/waterbear-is-back-uses-api-hooking-to-evade-security-product-detection.html -[5]: https://blogs.jpcert.or.jp/en/2022/09/bigip-exploit.html \ No newline at end of file +[5]: https://blogs.jpcert.or.jp/en/2022/09/bigip-exploit.html +[6]: https://x.com/ESETresearch/status/1382054011264700416 \ No newline at end of file
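Review bot: the new [6] entry in the first hunk (@@ -111,6 +111,24 @@) is followed by a long run of empty added lines; trim them so a single blank line separates the indicator block from the link definitions. Inside the fence only the address line carries a label (`220[.]135[.]71[.]92:443 C2`), while the hash above it has none; add the hash type and what the sample is, as given by the [6] source, so the two indicators can be told apart and parsed separately.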
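Review bot: the last line of the second hunk (@@ -119,4 +137,5 @@) still carries "\ No newline at end of file", so the next appended reference will rewrite the previous line again, the way [5] is removed and re-added here; end the file with a newline. The link definitions in this hunk's context also go from [3] straight to [5], so check whether [4] is defined elsewhere or the numbering has a gap before [6] is added.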