diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index 803f1d9d..dc155663 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@@ -8464,6 +8464,22 @@
           "https://www.bleepingcomputer.com/news/security/jaff-ransomware-distributed-via-necurs-malspam-and-asking-for-a-3-700-ransom/"
         ]
       }
+    },
+    {
+      "value": "Uiwix Ransomware",
+      "description": "Using EternalBlue SMB Exploit To Infect Victims",
+      "meta": {
+        "extensions": [
+          "._[10_digit_victim_id].UIWIX"
+        ],
+        "encryption": "may be a mixture of AES and RC4.",
+        "ransomnotes": [
+          "_DECODE_FILES.txt"
+        ],
+        "refs": [
+          "https://www.bleepingcomputer.com/news/security/uiwix-ransomware-using-eternalblue-smb-exploit-to-infect-victims/"
+        ]
+      }
     }
   ],
   "source": "Various",