diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 98f0365..b9ff09d 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -12596,6 +12596,20 @@
       },
       "uuid": "b87f9ba7-f480-4ed5-b60e-b880e6b519ea",
       "value": "Altahrea Team"
+    },
+    {
+      "description": "1937CN is a Chinese hacking group that has been active since at least 2013. The group is known for targeting Vietnamese organizations, including government agencies, businesses, and media outlets. 1937CN has been linked to a number of high-profile cyberattacks, including the hacking of Vietnam Airlines in 2016 and the defacement of Vietnamese government websites in 2015.",
+      "meta": {
+        "country": "CN",
+        "refs": [
+          "https://www.trendmicro.com/en_us/research/23/b/earth-zhulong-familiar-patterns-target-southeast-asian-firms.html",
+          "https://www.recordedfuture.com/international-hacktivism-analysis/",
+          "http://securityaffairs.co/wordpress/49876/hacking/china-1937cn-team-vietnam.html",
+          "https://medium.com/@Sebdraven/malicious-document-targets-vietnamese-officials-acb3b9d8b80a"
+        ]
+      },
+      "uuid": "391573c5-9c21-4984-b6b8-97d42623d6cc",
+      "value": "1937CN"
     }
   ],
   "version": 292