From 1b19f99f879350d75194a3d7d30542662f450c47 Mon Sep 17 00:00:00 2001
From: Deborah Servili <deborah.servili@gmail.com>
Date: Fri, 9 Mar 2018 14:29:24 +0100
Subject: [PATCH] add ghotex

---
 clusters/tool.json | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/clusters/tool.json b/clusters/tool.json
index 132ec37..871539e 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -3806,6 +3806,15 @@
           "https://www.csoonline.com/article/2132422/malware-cybercrime/cyberespionage-malware--miniflame--discovered.html"
         ]
       }
+    },
+    {
+      "value": "GHOTEX",
+      "description": "PE_GHOTEX.A-O is a portable executable (PE is the standard executable format for 32-bit Windows files) virus. PE viruses infect executable Windows files by incorporating their code into these files such that they are executed when the infected files are opened.",
+      "meta": {
+        "refs": [
+          "https://www.trendmicro.com/vinfo/dk/threat-encyclopedia/archive/malware/pe_ghotex.a-o"
+        ]
+      }
     }
   ]
 }