From 6f463325b919a35b4b2cd4f768f6ecf899ecae3c Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sun, 3 Nov 2019 16:01:09 +0100
Subject: [PATCH] chg: [threat-actor] jq is jq

---
 clusters/threat-actor.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 4764bb8..58425cb 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -7764,8 +7764,6 @@
       "value": "Operation Soft Cell"
     },
     {
-      "value": "Operation WizardOpium",
-      "uuid": "75db4269-924b-4771-8f62-0de600a43634",
       "description": "We are calling these attacks Operation WizardOpium. So far, we have been unable to establish a definitive link with any known threat actors. There are certain very weak code similarities with Lazarus attacks, although these could very well be a false flag. The profile of the targeted website is more in line with earlier DarkHotel attacks that have recently deployed similar false flag attacks.",
       "meta": {
         "refs": [
@@ -7774,7 +7772,9 @@
         "threat-actor-classification": [
           "campaign"
         ]
-      }
+      },
+      "uuid": "75db4269-924b-4771-8f62-0de600a43634",
+      "value": "Operation WizardOpium"
     }
   ],
   "version": 138