diff --git a/clusters/tool.json b/clusters/tool.json
index 3025a76..46a361b 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -473,7 +473,21 @@
       }
     },
     {
-      "value": "NETEAGLE"
+      "value": "Neteagle",
+      "description": "NETEAGLE is a backdoor developed by APT30 with compile dates as early as 2008. It has two main variants known as Scout and Norton.",
+      "meta": {
+        "refs": [
+          "https://attack.mitre.org/wiki/Software/S0034",
+          "https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf"
+        ],
+        "synonyms": [
+          "scout",
+          "norton"
+        ],
+        "type": [
+          "Backdoor"
+        ]
+      }
     },
     {
       "value": "Agent.BTZ",