From 4d68b1c20598e1f1db4be5989103c9ad4734212d Mon Sep 17 00:00:00 2001
From: Deborah Servili <deborah.servili@gmail.com>
Date: Wed, 3 Oct 2018 16:28:50 +0200
Subject: [PATCH] add NukeSped

---
 clusters/rat.json | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/clusters/rat.json b/clusters/rat.json
index 17f266b..f009463 100644
--- a/clusters/rat.json
+++ b/clusters/rat.json
@@ -2923,7 +2923,22 @@
       },
       "uuid": "f6447046-f4e8-4977-9cc3-edee74ff0038",
       "value": "Hallaj PRO RAT"
+    },
+    {
+      "value": "NukeSped",
+      "description": "This threat can install other malware on your PC, including Trojan:Win32/NukeSped.B!dha and Trojan:Win32/NukeSped.C!dha. It can show you a warning message that says your files will be made publically available if you don't follow the malicious hacker's commands. \n",
+      "meta": {
+        "refs": [
+          "https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~NukeSped-Z.aspx",
+          "https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Backdoor:Win64/NukeSped&ThreatID=-2147238204",
+          "https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win64/NukeSped!bit&ThreatID=-2147238152",
+          "https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Win32/NukeSped",
+          "https://malwarefixes.com/threats/win32nukesped/",
+          "https://www.alienvault.com/forums/discussion/17301/alienvault-labs-threat-intelligence-update-for-usm-anywhere-march-25-march-31-2018"
+        ]
+      },
+      "uuid": "5d0369ee-c718-11e8-b328-035ed1bdca07"
     }
   ],
-  "version": 16
+  "version": 17
 }