From 159225b6cf62a1c6478fd1a970317e21037b5388 Mon Sep 17 00:00:00 2001
From: Daniel Plohmann
Date: Thu, 11 Apr 2019 22:29:49 +0200
Subject: [PATCH] Based on additional research, APT36 can actually be merged into Mythic Leopard
---
 clusters/threat-actor.json | 28 +++++++++-------------------
 1 file changed, 9 insertions(+), 19 deletions(-)
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index db3d03b..1d4dd3e 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -2887,12 +2887,18 @@
 "http://documents.trendmicro.com/assets/pdf/Indian-military-personnel-targeted-by-information-theft-campaign-cmajor.pdf",
 "https://www.proofpoint.com/sites/default/files/proofpoint-operation-transparent-tribe-threat-insight-en.pdf",
 "https://www.amnesty.org/en/documents/asa33/8366/2018/en/",
- "https://www.crowdstrike.com/blog/adversary-of-the-month-for-may/"
+ "https://www.crowdstrike.com/blog/adversary-of-the-month-for-may/",
+ "https://mkd-cirt.mk/wp-content/uploads/2018/08/20181009_3_1_M-Trends2018-May-2018-compressed.pdf",
+ "https://nciipc.gov.in/documents/NCIIPC_Newsletter_July18.pdf",
+ "https://aisa.org.au//PDF/AISA%20Sydney%20-%20Dec2016.pdf"
 ],
 "synonyms": [
 "C-Major",
 "Transparent Tribe",
- "Mythic Leopard"
+ "Mythic Leopard",
+ "APT36",
+ "APT 36",
+ "TMP.Lapis"
 ]
 },
 "related": [
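Review bot: Folding `APT36`, `APT 36` and `TMP.Lapis` into this entry's `synonyms` keeps the names searchable, but the second hunk deletes the cluster with uuid `80fad97c-df3a-44ea-a127-cf29833b4946` and nothing visible in the patch repoints references to it. Any `related` entry elsewhere in the galaxy whose `dest-uuid` is that value, and any stored data keyed on the cluster value `APT36`, would presumably be left dangling. Searching the repository for that uuid and repointing matches to this entry before merging would close the gap. This entry's own `related` array opens on the hunk's last line and continues outside it, so it cannot be checked from here. Separately, the carried-over ref keeps a doubled slash in its path; if the single-slash form resolves, `"https://aisa.org.au/PDF/AISA%20Sydney%20-%20Dec2016.pdf"` is the cleaner value.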
@@ -6655,23 +6661,7 @@
 },
 "uuid": "401c30c7-4317-458a-9b0a-379a44d63457",
 "value": "Operation ShadowHammer"
- },
- {
- "description": "FireEye details APT36 as a Pakistani espionage group that supports Pakistani military and diplomatic interests, targeting Indian military and government. Operations have been also observed in the US, Europe, and Central Asia. Uses social engineering emails, multiple open-source, and custom malware tools.",
- "meta": {
- "refs": [
- "https://mkd-cirt.mk/wp-content/uploads/2018/08/20181009_3_1_M-Trends2018-May-2018-compressed.pdf",
- "https://nciipc.gov.in/documents/NCIIPC_Newsletter_July18.pdf",
- "https://aisa.org.au//PDF/AISA%20Sydney%20-%20Dec2016.pdf"
- ],
- "synonyms": [
- "APT 36",
- "TMP.Lapis"
- ]
- },
- "uuid": "80fad97c-df3a-44ea-a127-cf29833b4946",
- "value": "APT36"
 }
 ],
- "version": 106
+ "version": 107
 }