From f00e80ae7e8ec1281360ad3c6252eb7832f2e52d Mon Sep 17 00:00:00 2001
From: Adam McHugh <adam@mchughsecurity.com>
Date: Sun, 17 Apr 2022 19:44:42 +0930
Subject: [PATCH] Added Cryptominer Blue Mockingbird from RedCanary advisory.

---
 clusters/cryptominers.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/clusters/cryptominers.json b/clusters/cryptominers.json
index db5ffee..b23ae9d 100644
--- a/clusters/cryptominers.json
+++ b/clusters/cryptominers.json
@@ -42,6 +42,16 @@
       },
       "uuid": "20e563b0-f0c9-4253-aedd-a4542d6689ed",
       "value": "WannaMine"
+    },
+    {
+      "description": "Blue Mockingbird Crypto miner is a crypto-mining payload within DLLs on Windows Systems.",
+      "meta": {
+        "refs": [
+          "https://redcanary.com/blog/blue-mockingbird-cryptominer/"
+        ]
+      },
+      "uuid": "3dd091c9-608f-44d6-ac0c-5dfdf9bb4518",
+      "value": "Blue Mockingbird Cryptominer"
     }
   ],
   "version": 1