{
	"id": "0a9ff13b-d679-443c-8745-83c30cabfe08",
	"created_at": "2026-04-06T00:11:49.833018Z",
	"updated_at": "2026-04-10T03:21:46.438517Z",
	"deleted_at": null,
	"sha1_hash": "132bb7ffd60cdef1e33a4445dae0fa72d34be2ce",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 29178,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\r\nArchived: 2026-04-05 12:58:51 UTC\r\nDescription(BleepingComputer) While researching the new ransomware group, BleepingComputer found a\r\ndecryptor from a BlackMatter victim and shared it with Emisosft CTO and ransomware expert Fabian Wosar.\r\nAfter analyzing the decryptor, Wosar confirmed that the new BlackMatter group is using the same unique\r\nencryption methods that DarkSide had used in their attacks.\r\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=1ccb7a82-d909-4638-b970-99f30d53c854\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=1ccb7a82-d909-4638-b970-99f30d53c854\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=1ccb7a82-d909-4638-b970-99f30d53c854"
	],
	"report_names": [
		"listgroups.cgi?u=1ccb7a82-d909-4638-b970-99f30d53c854"
	],
	"threat_actors": [],
	"ts_created_at": 1775434309,
	"ts_updated_at": 1775791306,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/132bb7ffd60cdef1e33a4445dae0fa72d34be2ce.pdf",
		"text": "https://archive.orkl.eu/132bb7ffd60cdef1e33a4445dae0fa72d34be2ce.txt",
		"img": "https://archive.orkl.eu/132bb7ffd60cdef1e33a4445dae0fa72d34be2ce.jpg"
	}
}