{
	"id": "3bb8d7f2-a3d4-49b9-bab3-ff463b167980",
	"created_at": "2026-04-06T00:13:39.572334Z",
	"updated_at": "2026-04-10T13:12:10.406346Z",
	"deleted_at": null,
	"sha1_hash": "0632456aa3f9245debb8369de5be564622894f1a",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 46687,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\nArchived: 2026-04-05 13:46:34 UTC\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool Banatrix\n Tool: Banatrix\nNames Banatrix\nCategory Malware\nType Banking trojan, Credential stealer\nDescription\n(CERT.PL) Of all of the Polish malware families that we have seen last year, Banatrix\nseems to be the most technologically advanced one. This malware was used to replace the\nbank account number in the browser memory, however its implementation allowed an\nattacker to execute any arbitrary code on the victim’s machine. This was used to extract\npasswords saved in the Mozilla Firefox browser.\nInformation Malpedia AlienVault OTX Last change to this tool card: 24 May 2020\nDownload this tool card in JSON format\nAll groups using tool Banatrix\nChanged Name Country Observed\nUnknown groups\n _[ Interesting malware not linked to an actor yet ]_\n1 group listed (0 APT, 0 other, 1 unknown)\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=79453630-610b-4b32-872c-a9b2de74cb41\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=79453630-610b-4b32-872c-a9b2de74cb41\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=79453630-610b-4b32-872c-a9b2de74cb41"
	],
	"report_names": [
		"listgroups.cgi?u=79453630-610b-4b32-872c-a9b2de74cb41"
	],
	"threat_actors": [],
	"ts_created_at": 1775434419,
	"ts_updated_at": 1775826730,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0632456aa3f9245debb8369de5be564622894f1a.pdf",
		"text": "https://archive.orkl.eu/0632456aa3f9245debb8369de5be564622894f1a.txt",
		"img": "https://archive.orkl.eu/0632456aa3f9245debb8369de5be564622894f1a.jpg"
	}
}