From a368cda3bdd8a93202070d7dac4f2b0c6cb38e72 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Fri, 23 Dec 2016 13:46:53 +0100
Subject: [PATCH] Seaduke added

---
 clusters/tool.json | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/clusters/tool.json b/clusters/tool.json
index 11e16a8..b27989c 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -1060,9 +1060,18 @@
         "meta": {
          "refs": ["https://www.virusbulletin.com/conference/vb2014/abstracts/back-blackenergy-2014-targeted-attacks-ukraine-and-poland/"]
         }
+    },
+    {
+       "value": "Trojan.Seaduke",
+       "description": "Trojan.Seaduke is a Trojan horse that opens a back door on the compromised computer. It may also download potentially malicious files.",
+       "refs": ["https://www.symantec.com/security_response/writeup.jsp?docid=2015-031915-4935-99"],
+       "synonyms": [ "Seaduke" ]
+    },
+    {
+        "value": "Backdoor.Tinybaron"
     }
 ],
-  "version": 4,
+  "version": 5,
   "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
   "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
   "author": [