From fc9505cadf281f2fe5bbb092560e5b26cbf82b35 Mon Sep 17 00:00:00 2001
From: Thomas Dupuy <thom4s.d@gmail.com>
Date: Fri, 8 May 2020 13:29:14 -0400
Subject: [PATCH] Add Sednit's Exploit-kit Sedkit

---
 clusters/tool.json | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/clusters/tool.json b/clusters/tool.json
index 378a3ff..af6a544 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -8016,7 +8016,23 @@
       },
       "uuid": "edd9e14c-80f7-4a50-ab85-fa1120c54003",
       "value": "DenesRAT"
+    },
+    {
+      "description": "Sednit's Exploit-Kit",
+      "meta": {
+        "refs": [
+          "https://www.welivesecurity.com/2014/10/08/sednit-espionage-group-now-using-custom-exploit-kit/",
+          "https://www.welivesecurity.com/2016/10/20/new-eset-research-paper-puts-sednit-under-the-microscope/"
+        ],
+        "synonyms": [],
+        "type": [
+          "Exploit-Kit"
+        ]
+      },
+      "related": [],
+      "uuid": "a2d1cdd6-1c3d-47b3-803b-9a3fffe2f051",
+      "value": "Sedkit"
     }
   ],
-  "version": 134
+  "version": 135
 }