From bde46ff10dffdd360f653adda16547eba38ec8ac Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 28 Nov 2016 13:51:01 +0100
Subject: [PATCH] added Tartine

---
 clusters/tools.json | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/clusters/tools.json b/clusters/tools.json
index 584f7f2..0d6621c 100644
--- a/clusters/tools.json
+++ b/clusters/tools.json
@@ -628,6 +628,10 @@
       "description": "The attacks in this case are associated with a campaign called Tropic Trooper, which has been active since at least 2011 and is known for heavily targeting Taiwan. One of the attacks used their known Yahoyah malware...",
       "refs": ["http://researchcenter.paloaltonetworks.com/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/"],
       "synonyms": ["W32/Seeav"]
+    },
+    {
+      "value": "Tartine",
+      "description": "Delphi RAT used by Sofacy."
     }
   ],
   "version": 2,