diff --git a/offshore APT organization/DangerousPassword/2020-04-02/CSV/IOC_DangerousPassword_2020-04_02.csv b/offshore APT organization/DangerousPassword/2020-04-02/CSV/IOC_DangerousPassword_2020-04_02.csv
new file mode 100644
index 0000000..081a311
--- /dev/null
+++ b/offshore APT organization/DangerousPassword/2020-04-02/CSV/IOC_DangerousPassword_2020-04_02.csv	
@@ -0,0 +1,11 @@
+Type,Indicator,Description
+SHA256,5680bc2c24051572e2ce56da9f2722aef824ff6fefb5937c3558c91e8ce0706c,3249e2eb1eaa628dcf7c83062463bc6bad36515b130e760333da98ea8ffd362e.rar
+SHA256,cfbcd8b9f4e92856efd47ebcf48d78f704e38b555a0a97693cc52c800bdf2a7e,Password.txt.lnk
+SHA256,583bc1607ca8aafa0b6ee9a4c6870085ef3f5f1823456f930ef32b0bf2229867,iilbat.vbs
+SHA256,3c3066761bdcc0f3d12b90e1d42997efaa67f24946f8b31a501caccb0317876c,Password.txt
+SHA256,656942f633bde9aaf8acf119a43978cf8a5b70ad79e6a0a27f97a415a90ee25f,Xbox.lnk
+Domain,cloudfiles.club,Domain delivery
+Domain,msupdatepms.xyz,Domain delievry
+URL,https://bit.ly/2UiZH6V,URL delivery
+URL,https://bit.ly/3dr8YBv,URL delivery
+IP,88.204.166.59,IP C2