diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index 3b722f61..53f20ba4 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@@ -2126,6 +2126,21 @@
 "uuid": "c3ef2acd-cc5d-4240-80e7-47e85b46db96",
 "value": "GOG Ransomware"
 },
+ {
+ "description": "RegretLocker is a new ransomware that has been found in the wild in the last month that does not only encrypt normal files on disk like other ransomwares. When running, it will particularly search for VHD files, mount them using Windows Virtual Storage API, and then encrypt all the files it finds inside of those VHD files.",
+ "meta": {
+ "date": "November 2020",
+ "encryption": "AES",
+ "extensions": [
+ ".mouse"
+ ],
+ "refs": [
+ "http://chuongdong.com/reverse%20engineering/2020/11/17/RegretLocker/"
+ ]
+ },
+ "uuid": "9479d372-605e-408e-a2a3-ea971ad4ad78",
+ "value": "RegretLocker"
+ },
 {
 "description": "It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encrypts all your files, including: music, MS Office, Open Office, pictures, videos, shared online files etc.. Ransom is 0.1 Bitcoins. Original name is TrojanRansom.",
 "meta": {
@@ -14002,5 +14017,5 @@
 "value": "RansomEXX"
 }
 ],
- "version": 89
+ "version": 90
 }
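Review bot: The `description` of the added RegretLocker entry (first hunk) is worded relative to the day it was written, "a new ransomware that has been found in the wild in the last month", which goes stale in a long-lived cluster file and repeats what `meta.date` already records. I would open it with a fixed reference instead, for example `"RegretLocker is a ransomware first reported in the wild in late 2020 that, besides encrypting normal files on disk, searches for VHD files, ..."`, with the period checked against the referenced write-up. The single `refs` entry is a plain `http://` URL; if the site serves the same page over HTTPS, that form is the better one to store, since analysts follow these links straight from MISP events. `"encryption": "AES"` names only the file cipher, so if the write-up also describes how the key is protected, it would be worth recording that the same way neighbouring entries do.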