diff --git a/clusters/tools.json b/clusters/tools.json
index 584f7f2..0d6621c 100644
--- a/clusters/tools.json
+++ b/clusters/tools.json
@@ -628,6 +628,10 @@
       "description": "The attacks in this case are associated with a campaign called Tropic Trooper, which has been active since at least 2011 and is known for heavily targeting Taiwan. One of the attacks used their known Yahoyah malware...",
       "refs": ["http://researchcenter.paloaltonetworks.com/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/"],
       "synonyms": ["W32/Seeav"]
+    },
+    {
+      "value": "Tartine",
+      "description": "Delphi RAT used by Sofacy."
     }
   ],
   "version": 2,