From f86c748b8cdc555bbe79f43c907ade3ec6ea6465 Mon Sep 17 00:00:00 2001
From: Deborah Servili <deborah.servili@gmail.com>
Date: Wed, 20 Mar 2019 15:45:20 +0100
Subject: [PATCH] add AOT-C-27 Goldmouse

---
 clusters/threat-actor.json | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 70f379b..c6f820e 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -6630,7 +6630,19 @@
       },
       "uuid": "35c40ce2-57c0-479e-8a56-efbb8695e395",
       "value": "Operation Comando"
+    },
+    {
+      "meta": {
+        "refs": [
+          "https://ti.360.net/blog/articles/apt-c-27-(goldmouse):-suspected-target-attack-against-the-middle-east-with-winrar-exploit-en/"
+        ],
+        "synonyms": [
+          "Goldmouse"
+        ]
+      },
+      "uuid": "ee7f535d-cc3e-40f3-99f3-c97963cfa250",
+      "value": "APT-C-27"
     }
   ],
-  "version": 100
+  "version": 101
 }