From a28c50203e5272c0c57f6d8b4ac55cf90e14cd27 Mon Sep 17 00:00:00 2001
From: Deborah Servili
Date: Tue, 14 Aug 2018 12:07:12 +0200
Subject: [PATCH] fix
---
 clusters/backdoor.json | 8 +++-----
 clusters/ransomware.json | 8 --------
 2 files changed, 3 insertions(+), 13 deletions(-)
diff --git a/clusters/backdoor.json b/clusters/backdoor.json
index ddd6177..c2ae5bf 100644
--- a/clusters/backdoor.json
+++ b/clusters/backdoor.json
@@ -5,7 +5,7 @@
 "description": "A list of backdoor malware.",
 "name": "Backdoor",
 "source": "Open Sources",
- "version": 2,
+ "version": 1,
 "type": "backdoor",
 "uuid": "75436e27-cb57-4f32-bf1d-9636dd78a2bf",
 "values": [
@@ -17,7 +17,6 @@
 "https://blog.jpcert.or.jp/2018/07/malware-wellmes-9b78.html"
 ]
 },
- "description": "Cross-platform malware written in Golang, compatible with Linux and Windows. Although there are some minor differences, both variants have the same functionality. The malware communicates with a CnC server using HTTP requests and performs functions based on the received commands. Results of command execution are sent in HTTP POST requests data (RSA-encrypted). Main functionalities are: (1) Execute arbitrary shell commands, (2) Upload/Download files. The PE variant of the infection, in addition, executes PowerShell scripts. A .Net version was also observed in the wild.",
 "value": "WellMess",
 "uuid": "e0e79fab-0f1d-4fc2-b424-208cb019a9cd"
 },
@@ -33,7 +32,6 @@
 ]
 },
 "uuid": "2bb165dc-9f93-11e8-ae64-d3dbab0dd786"
- }
- ],
- "version": 1
+ }
+ ]
 }
diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index d740718..c6d46da 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
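Review bot: The `"version"` key at the top of clusters/backdoor.json goes down from 2 to 1 in the first hunk, in the same commit that edits entries in `values`, so a consumer that re-imports a cluster only when its version number increases would skip this revision and keep stale data. The old file carried the key twice (`"version": 2` here and the trailing `"version": 1` removed in the third hunk), and JSON parsers disagree on which duplicate wins, so what downstream tools saw before is not certain. Keeping the single key above both earlier values, e.g. `"version": 3,`, avoids a silent rollback. The enclosing object starts above the hunk.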
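Review bot: Removing the `"description": "Cross-platform malware written in Golang, …"` line from the WellMess entry in the second hunk drops the only summary of the malware's behaviour visible here (HTTP C2, RSA-encrypted POST results, shell command execution, file upload/download). The entry begins above the hunk, so it may already hold a second `"description"` key that this removal de-duplicates; that cannot be confirmed from the visible lines. If no other copy exists, the line should stay once in the entry so analysts using the cluster for triage keep that context.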
@@ -10371,13 +10371,5 @@
 "uuid": "c76c4d24-9f99-11e8-808d-a7f1c66a53c5"
 }
 ],
- "source": "Various",
- "uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
- "name": "Ransomware",
- "version": 28,
- "type": "ransomware",
- "description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar"
- }
- ],
 "version": 28
 }