From 43e2d635e49bec3274f1a84ba073ae0bbf8bb8d7 Mon Sep 17 00:00:00 2001
From: StrangerealIntel <54320855+StrangerealIntel@users.noreply.github.com>
Date: Wed, 25 Sep 2019 11:32:09 +0200
Subject: [PATCH] Update IOC_Donot_25-09-19.json
---
 .../APT/Donot/17-09-19/IOC_Donot_25-09-19.json | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/Indian/APT/Donot/17-09-19/IOC_Donot_25-09-19.json b/Indian/APT/Donot/17-09-19/IOC_Donot_25-09-19.json
index 8ddfcda..1def30d 100644
--- a/Indian/APT/Donot/17-09-19/IOC_Donot_25-09-19.json
+++ b/Indian/APT/Donot/17-09-19/IOC_Donot_25-09-19.json
@@ -51,6 +51,10 @@
 "Indicator": "C:\\Windows\\Tasks\\sinter.exe",
 "Description": "6584b9e3849142d9c479ca58a0098636b556220e76b1ae1376f56dbdb80feb56"
 },
+ {
+ "Indicator": "C:\\ProgramData\\AudioDriver64\\Olmapi32.dll",
+ "Description": "bc362886422771ee4059284095c49da865ffaf73d2dbb1de3cf5f2ace568617d"
+ },
 {
 "Indicator": "EFILE",
 "Description": "b64691a3fff3b17eb1a169180f470bf1ea36c7793fe36e93ba8aad55fe4a5a83"
@@ -215,21 +219,25 @@
 "Indicator": "http://sdn.host/MicrosoftSecurityScan/FRSI080222F",
 "Description": "HTTP/HTTPS requests"
 },
+ {
+ "Indicator": "http://account-support.site/supp/accsite/cod.php",
+ "Description": "HTTP/HTTPS requests"
+ },
 {
 "Indicator": "support.worldupdate.live",
- "Description": "Doamin C2"
+ "Description": "Domain C2"
 },
 {
 "Indicator": "account-support.site",
- "Description": "Doamin C2"
+ "Description": "Domain C2"
 },
 {
 "Indicator": "skillsnew.top",
- "Description": "Doamin C2"
+ "Description": "Domain C2"
 },
 {
 "Indicator": "mystrylust.pw",
- "Description": "Doamin C2"
+ "Description": "Domain C2"
 },
 {
 "Indicator": "216.170.126.139",
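Review bot: The added `Olmapi32.dll` entry puts the file path in `Indicator` and the 64-hex-character digest (SHA-256 length) in `Description`, so a consumer that matches only on `Indicator` keys on a path that is easy to change and never sees the hash. This follows the neighbouring `sinter.exe` entry, so it is a schema point rather than a regression introduced here. Consider carrying the digest in a field of its own, for example `"Sha256": "<digest>"` next to `Indicator`, so that hashes can be matched directly and told apart from the free-text labels such as `HTTP/HTTPS requests` that `Description` holds in the second hunk. The enclosing array starts and ends outside the hunk, so the rest of the schema is not visible here.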
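Review bot: Changing the `Description` label from `Doamin C2` to `Domain C2` on the four domain entries alters a string that downstream tooling may filter on; any parser, SIEM import or detection rule that selects C2 domains by the old misspelled literal would silently stop matching after this commit. The spelling fix is right, but the commit subject is only `Update IOC_Donot_25-09-19.json`, so it would help to state the label change there and to check consumers for the old value. The added `cod.php` URL is hosted on `account-support.site`, which this hunk already lists as a domain entry, so it mainly adds value for proxy-log or URL-path matching rather than for domain blocking. The array continues past the last line of the hunk.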