{
	"id": "a06e7d0b-c6ca-4109-94bc-cd8d45d0c9a8",
	"created_at": "2026-04-06T00:19:41.91717Z",
	"updated_at": "2026-04-10T03:35:59.501806Z",
	"deleted_at": null,
	"sha1_hash": "4fb1c3eee680b55760b325d3998a99dc1f7febd2",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 44736,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\r\nArchived: 2026-04-05 17:38:28 UTC\r\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool Avalanche\r\n Tool: Avalanche\r\nNames Avalanche\r\nCategory Malware\r\nType Botnet, Downloader\r\nDescription\r\n(US-CERT) Cyber criminals utilized Avalanche botnet infrastructure to host and distribute a\r\nvariety of malware variants to victims, including the targeting of over 40 major financial\r\ninstitutions. Victims may have had their sensitive personal information stolen (e.g., user\r\naccount credentials). Victims’ compromised systems may also have been used to conduct other\r\nmalicious activity, such as launching denial-of-service (DoS) attacks or distributing malware\r\nvariants to other victims’ computers.\r\nInformation \u003chttps://www.us-cert.gov/ncas/alerts/TA16-336A\u003e\r\nLast change to this tool card: 20 April 2020\r\nDownload this tool card in JSON format\r\nAll groups using tool Avalanche\r\nChanged Name Country Observed\r\nOther groups\r\n  Avalanche 2006-Dec 2016\r\n1 group listed (0 APT, 1 other, 0 unknown)\r\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=39fa9618-7f65-4bfc-9716-47f511367ff0\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=39fa9618-7f65-4bfc-9716-47f511367ff0\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=39fa9618-7f65-4bfc-9716-47f511367ff0"
	],
	"report_names": [
		"listgroups.cgi?u=39fa9618-7f65-4bfc-9716-47f511367ff0"
	],
	"threat_actors": [
		{
			"id": "bc289ba8-bc61-474c-8462-a3f7179d97bb",
			"created_at": "2022-10-25T16:07:24.450609Z",
			"updated_at": "2026-04-10T02:00:04.996582Z",
			"deleted_at": null,
			"main_name": "Avalanche",
			"aliases": [],
			"source_name": "ETDA:Avalanche",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434781,
	"ts_updated_at": 1775792159,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/4fb1c3eee680b55760b325d3998a99dc1f7febd2.pdf",
		"text": "https://archive.orkl.eu/4fb1c3eee680b55760b325d3998a99dc1f7febd2.txt",
		"img": "https://archive.orkl.eu/4fb1c3eee680b55760b325d3998a99dc1f7febd2.jpg"
	}
}