diff --git a/offshore APT organization/DangerousPassword/2020-04-02/JSON/IOC_DangerousPassword_2020-04_02.json b/offshore APT organization/DangerousPassword/2020-04-02/JSON/IOC_DangerousPassword_2020-04_02.json
new file mode 100644
index 0000000..284d049
--- /dev/null
+++ b/offshore APT organization/DangerousPassword/2020-04-02/JSON/IOC_DangerousPassword_2020-04_02.json	
@@ -0,0 +1,52 @@
+[
+    {
+        "Type":  "SHA256",
+        "Indicator":  "5680bc2c24051572e2ce56da9f2722aef824ff6fefb5937c3558c91e8ce0706c",
+        "Description":  "3249e2eb1eaa628dcf7c83062463bc6bad36515b130e760333da98ea8ffd362e.rar"
+    },
+    {
+        "Type":  "SHA256",
+        "Indicator":  "cfbcd8b9f4e92856efd47ebcf48d78f704e38b555a0a97693cc52c800bdf2a7e",
+        "Description":  "Password.txt.lnk"
+    },
+    {
+        "Type":  "SHA256",
+        "Indicator":  "583bc1607ca8aafa0b6ee9a4c6870085ef3f5f1823456f930ef32b0bf2229867",
+        "Description":  "iilbat.vbs"
+    },
+    {
+        "Type":  "SHA256",
+        "Indicator":  "3c3066761bdcc0f3d12b90e1d42997efaa67f24946f8b31a501caccb0317876c",
+        "Description":  "Password.txt"
+    },
+    {
+        "Type":  "SHA256",
+        "Indicator":  "656942f633bde9aaf8acf119a43978cf8a5b70ad79e6a0a27f97a415a90ee25f",
+        "Description":  "Xbox.lnk"
+    },
+    {
+        "Type":  "Domain",
+        "Indicator":  "cloudfiles.club",
+        "Description":  "Domain delivery"
+    },
+    {
+        "Type":  "Domain",
+        "Indicator":  "msupdatepms.xyz",
+        "Description":  "Domain delievry"
+    },
+    {
+        "Type":  "URL",
+        "Indicator":  "https://bit.ly/2UiZH6V",
+        "Description":  "URL delivery"
+    },
+    {
+        "Type":  "URL",
+        "Indicator":  "https://bit.ly/3dr8YBv",
+        "Description":  "URL delivery"
+    },
+    {
+        "Type":  "IP",
+        "Indicator":  "88.204.166.59",
+        "Description":  "IP C2"
+    }
+]