Merge branch 'cocaman-patch-1'

clusters/malpedia.json

@@ -18809,7 +18809,24 @@
       },
       "uuid": "237a1c2e-fb14-583d-ab2c-71f10a52ec06",
       "value": "MedusaLocker"
+    },
+    {
+      "description": "Raccoon is a stealer and collects \"passwords, cookies and autofill from all popular browsers (including FireFox x64), CC data, system information, almost all existing desktop wallets of cryptocurrencies\".",
+      "meta": {
+        "refs": [
+          "https://malpedia.caad.fkie.fraunhofer.de/details/win.raccoon",
+          "https://www.secfreaks.gr/2019/12/in-depth-analysis-of-an-infostealer-raccoon.html",
+          "https://www.bitdefender.com/files/News/CaseStudies/study/289/Bitdefender-WhitePaper-Fallout.pdf",
+          "https://www.cybereason.com/blog/hunting-raccoon-stealer-the-new-masked-bandit-on-the-block"
+        ],
+        "synonyms": [
+          "Racoon"
+        ],
+        "type": []
+      },
+      "uuid": "10c03b2e-5e53-11ea-ac08-00163cdbc7b4",
+      "value": "Raccoon"
     }
   ],
-  "version": 2561
+  "version": 2562
 }

clusters/threat-actor.json

@@ -4472,7 +4472,8 @@
           "https://www.scmagazineuk.com/ocean-lotus-groupapt-32-identified-as-vietnamese-apt-group/article/663565/",
           "https://www.brighttalk.com/webcast/10703/261205",
           "https://github.com/eset/malware-research/tree/master/oceanlotus",
-          "https://www.cfr.org/interactive/cyber-operations/ocean-lotus"
+          "https://www.cfr.org/interactive/cyber-operations/ocean-lotus",
+          "https://www.accenture.com/us-en/blogs/blogs-pond-loach-delivers-badcake-malware"
         ],
         "synonyms": [
           "OceanLotus Group",
@@ -4484,7 +4485,8 @@
           "Sea Lotus",
           "APT-32",
           "APT 32",
-          "Ocean Buffalo"
+          "Ocean Buffalo",
+          "POND LOACH"
         ]
       },
       "related": [
@@ -7967,5 +7969,5 @@
       "value": "InvisiMole"
     }
   ],
-  "version": 155
+  "version": 156
 }