diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index fc47ca3..336e826 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -11959,6 +11959,17 @@
       ],
       "uuid": "32eebd31-5e0f-4fb9-b478-26ff4e48aaf4",
       "value": "AtlasCross"
+    },
+    {
+      "description": "Scarred Manticore has been pursuing high-value targets for years, utilizing a variety of IIS-based backdoors to attack Windows servers. These include a variety of custom web shells, custom DLL backdoors, and driver-based implants.",
+      "meta": {
+        "refs": [
+          "https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/"
+        ],
+        "country": "IR"
+      },
+      "uuid": "79d0da59-9400-40f6-b72b-6c6f47354d59",
+      "value": "Scarred Manticore"
     }
   ],
   "version": 285