{
	"id": "0441c1bc-680c-43c3-a479-9b8042951baa",
	"created_at": "2026-04-06T00:21:09.552274Z",
	"updated_at": "2026-04-10T03:20:24.831183Z",
	"deleted_at": null,
	"sha1_hash": "547a6b1b2ca80d21d88684d19339dca4441ca8d9",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 47365,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\r\nArchived: 2026-04-05 21:45:15 UTC\r\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool GetMyPass\r\n Tool: GetMyPass\r\nNames\r\nGetMyPass\r\ngetmypos\r\nCategory Malware\r\nType POS malware, Credential stealer\r\nDescription\r\n(securitykitten) To run this malware successfully the attacker would need several pieces of\r\ninformation:\r\n• Credentials\r\n• Name of the POS executable / service\r\n• A method for moving the data out of the network\r\nThis malware seems to be in its infancy. There are debug strings still existent in the malware\r\nindicate to me that the author is still testing the tool or is still actively developing it.\r\nInformation\r\n\u003chttps://securitykitten.github.io/2014/11/26/getmypass-point-of-sale-malware.html\u003e\r\n\u003chttps://securitykitten.github.io/2015/01/08/getmypass-point-of-sale-malware-update.html\u003e\r\n\u003chttps://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-evolution-of-point-of-sale-pos-malware\u003e\r\nMalpedia \u003chttps://malpedia.caad.fkie.fraunhofer.de/details/win.getmypass\u003e\r\nLast change to this tool card: 28 December 2022\r\nDownload this tool card in JSON format\r\nAll groups using tool GetMyPass\r\nChanged Name Country Observed\r\nUnknown groups\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=e7350acb-9bf2-44d4-8dc1-be203d72ea74\r\nPage 1 of 2\n\n_[ Interesting malware not linked to an actor yet ]_  \r\n1 group listed (0 APT, 0 other, 1 unknown)\r\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=e7350acb-9bf2-44d4-8dc1-be203d72ea74\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=e7350acb-9bf2-44d4-8dc1-be203d72ea74\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=e7350acb-9bf2-44d4-8dc1-be203d72ea74"
	],
	"report_names": [
		"listgroups.cgi?u=e7350acb-9bf2-44d4-8dc1-be203d72ea74"
	],
	"threat_actors": [],
	"ts_created_at": 1775434869,
	"ts_updated_at": 1775791224,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/547a6b1b2ca80d21d88684d19339dca4441ca8d9.pdf",
		"text": "https://archive.orkl.eu/547a6b1b2ca80d21d88684d19339dca4441ca8d9.txt",
		"img": "https://archive.orkl.eu/547a6b1b2ca80d21d88684d19339dca4441ca8d9.jpg"
	}
}