diff --git a/2022/2022.01.07_Patchwork_APT_India/Patchwork_Patchwork-APT-caught-in-its-own-web_MalwarebytesLabs.pdf b/2022/2022.01.07_Patchwork_APT_India/Patchwork_Patchwork-APT-caught-in-its-own-web_MalwarebytesLabs.pdf
new file mode 100644
index 0000000..49df5d0
Binary files /dev/null and b/2022/2022.01.07_Patchwork_APT_India/Patchwork_Patchwork-APT-caught-in-its-own-web_MalwarebytesLabs.pdf differ
diff --git a/2022/2022.01.07_Patchwork_APT_India/indicators.csv b/2022/2022.01.07_Patchwork_APT_India/indicators.csv
new file mode 100644
index 0000000..a770ccb
--- /dev/null
+++ b/2022/2022.01.07_Patchwork_APT_India/indicators.csv
@@ -0,0 +1,4 @@
+Hash,Filename/Domain,Description
+5b5b1608e6736c7759b1ecf61e756794cf9ef3bb4752c315527bcc675480b6c6,karachidha[.]org/docs/EOIForm.rtf,lure
+3d3598d32a75fd80c9ba965f000639024e4ea1363188f44c5d3d6d6718aaa1a3,jli.dll,RAT
+,bgre[.]kozow[.]com,C2