some updates

clusters/botnet.json

@@ -2,7 +2,7 @@
   "description": "botnet galaxy",
   "uuid": "a91732f4-164a-11e8-924a-ffd4097eb03f",
   "source": "MISP Project",
-  "version": 5,
+  "version": 6,
   "values": [
     {
       "meta": {
@@ -617,6 +617,18 @@
       "description": "The bot gathers information from the infected system through WMI queries (SerialNumber, SystemDrive, operating system, processor architecture), which it then sends back to a remote attacker. It installs a backdoor giving an attacker the possibility to run command such as: download a file, update itself, visit a website and perform HTTP, SYN, UDP flooding",
       "value": "Pontoeb",
       "uuid": "bc60de19-27a5-4df8-a835-70781b923125"
+    },
+    {
+      "meta": {
+        "refs": [
+          "https://www.bleepingcomputer.com/news/security/trik-spam-botnet-leaks-43-million-email-addresses/"
+        ],
+        "synonyms": [
+          "Trik Trojan"
+        ]
+      },
+      "value": "Trik Spam Botnet",
+      "uuid": "c68d5e64-7485-11e8-8625-2b14141f0501"
     }
   ],
   "authors": [

clusters/ransomware.json

@@ -7966,7 +7966,8 @@
           "samsam.exe",
           "MIKOPONI.exe",
           "RikiRafael.exe",
-          "showmehowto.exe"
+          "showmehowto.exe",
+          "SamSam Ransomware"
         ],
         "extensions": [
           ".encryptedAES",
@@ -8014,7 +8015,8 @@
         "refs": [
           "https://download.bleepingcomputer.com/demonslay335/SamSamStringDecrypter.zip",
           "http://blog.talosintel.com/2016/03/samsam-ransomware.html",
-          "http://www.intelsecurity.com/advanced-threat-research/content/Analysis_SamSa_Ransomware.pdf"
+          "http://www.intelsecurity.com/advanced-threat-research/content/Analysis_SamSa_Ransomware.pdf",
+          "https://www.bleepingcomputer.com/news/security/new-samsam-variant-requires-special-password-before-infection/"
         ]
       },
       "uuid": "731e4a5e-35f2-47b1-80ba-150b95fdc14d"