diff --git a/2019/2019.01.18.DarkHydrus/DarkHydrus delivers new Trojan that can use Google Drive for C2 communications.pdf b/2019/2019.01.18.DarkHydrus/DarkHydrus delivers new Trojan that can use Google Drive for C2 communications.pdf new file mode 100644 index 0000000..1170b10 Binary files /dev/null and b/2019/2019.01.18.DarkHydrus/DarkHydrus delivers new Trojan that can use Google Drive for C2 communications.pdf differ diff --git a/2019/2019.01.18.DarkHydrus/samples/4e40f80114e5bd44a762f6066a3e56ccdc0d01ab2a18397ea12e0bc5508215b8.zip b/2019/2019.01.18.DarkHydrus/samples/4e40f80114e5bd44a762f6066a3e56ccdc0d01ab2a18397ea12e0bc5508215b8.zip new file mode 100644 index 0000000..6c6fa55 Binary files /dev/null and b/2019/2019.01.18.DarkHydrus/samples/4e40f80114e5bd44a762f6066a3e56ccdc0d01ab2a18397ea12e0bc5508215b8.zip differ diff --git a/2019/2019.01.18.DarkHydrus/samples/513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8.zip b/2019/2019.01.18.DarkHydrus/samples/513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8.zip new file mode 100644 index 0000000..48cbc14 Binary files /dev/null and b/2019/2019.01.18.DarkHydrus/samples/513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8.zip differ diff --git a/2019/2019.01.18.DarkHydrus/samples/5cc62ad6baf572dbae925f701526310778f032bb4a54b205bada78b1eb8c479c.zip b/2019/2019.01.18.DarkHydrus/samples/5cc62ad6baf572dbae925f701526310778f032bb4a54b205bada78b1eb8c479c.zip new file mode 100644 index 0000000..09cfa7e Binary files /dev/null and b/2019/2019.01.18.DarkHydrus/samples/5cc62ad6baf572dbae925f701526310778f032bb4a54b205bada78b1eb8c479c.zip differ 
diff --git a/2019/2019.01.18.DarkHydrus/samples/e068c6536bf353abe249ad0464c58fb85d7de25223442dd220d64116dbf1e022.zip b/2019/2019.01.18.DarkHydrus/samples/e068c6536bf353abe249ad0464c58fb85d7de25223442dd220d64116dbf1e022.zip new file mode 100644 index 0000000..20c07fc Binary files /dev/null and b/2019/2019.01.18.DarkHydrus/samples/e068c6536bf353abe249ad0464c58fb85d7de25223442dd220d64116dbf1e022.zip differ diff --git a/2019/2019.01.18.DarkHydrus/samples/eb33a96726a34dd60b053d3d1048137dffb1bba68a1ad6f56d33f5d6efb12b97.zip b/2019/2019.01.18.DarkHydrus/samples/eb33a96726a34dd60b053d3d1048137dffb1bba68a1ad6f56d33f5d6efb12b97.zip new file mode 100644 index 0000000..31bc6e7 Binary files /dev/null and b/2019/2019.01.18.DarkHydrus/samples/eb33a96726a34dd60b053d3d1048137dffb1bba68a1ad6f56d33f5d6efb12b97.zip differ diff --git a/2019/2019.01.18.DarkHydrus/samples/f1b2bc0831445903c0d51b390b1987597009cc0fade009e07d792e8d455f6db0.zip b/2019/2019.01.18.DarkHydrus/samples/f1b2bc0831445903c0d51b390b1987597009cc0fade009e07d792e8d455f6db0.zip new file mode 100644 index 0000000..bfef678 Binary files /dev/null and b/2019/2019.01.18.DarkHydrus/samples/f1b2bc0831445903c0d51b390b1987597009cc0fade009e07d792e8d455f6db0.zip differ diff --git a/README.md b/README.md index 7f7fa79..046149b 100644 --- a/README.md +++ b/README.md 
@@ -26,6 +26,7 @@ Please fire issue to me if any lost APT/Malware events/campaigns. * Jan 30 - [[NSHC] The Double Life of SectorA05 Nesting in Agora (Operation Kitty Phishing](https://threatrecon.nshc.net/2019/01/30/operation-kitty-phishing) | [Local](../../blob/master/2019/2019.01.30.Operation_Kitty_Phishing) * Jan 30 - [[Morphisec] NEW CAMPAIGN DELIVERS ORCUS RAT](http://blog.morphisec.com/new-campaign-delivering-orcus-rat) | [Local](../../blob/master/2019/2019.01.30.ORCUS_RAT) * Jan 24 - [[Carbon Black] GandCrab and Ursnif Campaign](https://www.carbonblack.com/2019/01/24/carbon-black-tau-threatsight-analysis-gandcrab-and-ursnif-campaign/) | [Local](../../blob/master/2019/2019.01.24.GandCrab_and_Ursnif) +* Jan 18 - [[Palo Alto Network] DarkHydrus delivers new Trojan that can use Google Drive for C2 communications](https://unit42.paloaltonetworks.com/darkhydrus-delivers-new-trojan-that-can-use-google-drive-for-c2-communications/) | [Local](../../blob/master/2019/2019.01.18.DarkHydrus) * Jan 17 - [[Palo Alto Network] Malware Used by “Rocke” Group Evolves to Evade Detection by Cloud Security Products](https://unit42.paloaltonetworks.com/malware-used-by-rocke-group-evolves-to-evade-detection-by-cloud-security-products/) | [Local](../../blob/master/2019/2019.01.17.Rocke_Group) * Jan 16 - [[360] Latest Target Attack of DarkHydruns Group Against Middle East](https://ti.360.net/blog/articles/latest-target-attack-of-darkhydruns-group-against-middle-east-en/) | [Local](../../blob/master/2019/2019.01.16.DarkHydruns)
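Review bot: The six archives added under 2019/2019.01.18.DarkHydrus/samples/ arrive as opaque binaries identified only by a 64-hex-character file name, and nothing in this change records what each archive contains or how a reader can verify it. Consider adding a small text file in the samples directory that says what the file-name value is a hash of (the archive or the file inside it), which algorithm was used, and whether the archives are password-protected, so the contents can be checked before anyone unpacks them on an analysis host.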
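Review bot: In the README.md hunk, the added Jan 18 line links to 2019.01.18.DarkHydrus while the Jan 16 entry two lines below uses 2019.01.16.DarkHydruns, so a search of the index for one spelling misses the other. If both entries cover the same actor, consider mentioning the alternate spelling in one of the two lines. Separately, the PDF added in this change has spaces in its file name, whereas the directory names in the index use dots and underscores; renaming it to match would avoid quoting problems in scripts that walk the tree.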