{
	"id": "358c6fd2-0224-47aa-971e-429a5c845f01",
	"created_at": "2026-04-06T00:10:45.148232Z",
	"updated_at": "2026-04-10T03:29:28.364121Z",
	"deleted_at": null,
	"sha1_hash": "5d2fb8dd57f9243cd675da6486e3f5b516deee61",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 48977,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\nArchived: 2026-04-05 18:39:57 UTC\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool Truvasys\n Tool: Truvasys\nNames Truvasys\nCategory Malware\nType Loader\nDescription\n(Microsoft) A first-stage malware that has been in circulation for several years. Truvasys\nhas been involved in several attack campaigns, where it has masqueraded as one of\nserver common computer utilities, including WinUtils, TrueCrypt, WinRAR, or\nSanDisk.\nInformation\nMITRE ATT\u0026CK Last change to this tool card: 22 April 2020\nDownload this tool card in JSON format\nAll groups using tool Truvasys\nChanged Name Country Observed\nAPT groups\n Promethium, StrongPity 2012-Nov 2021\n1 group listed (1 APT, 0 other, 0 unknown)\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=11dd235d-2f18-48d2-8fb6-24ca6fbcfda2\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=11dd235d-2f18-48d2-8fb6-24ca6fbcfda2\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=11dd235d-2f18-48d2-8fb6-24ca6fbcfda2"
	],
	"report_names": [
		"listgroups.cgi?u=11dd235d-2f18-48d2-8fb6-24ca6fbcfda2"
	],
	"threat_actors": [
		{
			"id": "67fbc7d7-ba8e-4258-b53c-9a5d755e1960",
			"created_at": "2022-10-25T16:07:24.077859Z",
			"updated_at": "2026-04-10T02:00:04.860725Z",
			"deleted_at": null,
			"main_name": "Promethium",
			"aliases": [
				"APT-C-41",
				"G0056",
				"Magenta Dust",
				"Promethium",
				"StrongPity"
			],
			"source_name": "ETDA:Promethium",
			"tools": [
				"StrongPity",
				"StrongPity2",
				"StrongPity3",
				"Truvasys"
			],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "cbede712-4cc3-47c6-bf78-92fd9f1beac6",
			"created_at": "2022-10-25T15:50:23.777222Z",
			"updated_at": "2026-04-10T02:00:05.399303Z",
			"deleted_at": null,
			"main_name": "PROMETHIUM",
			"aliases": [
				"PROMETHIUM",
				"StrongPity"
			],
			"source_name": "MITRE:PROMETHIUM",
			"tools": [
				"Truvasys",
				"StrongPity"
			],
			"source_id": "MITRE",
			"reports": null
		},
		{
			"id": "4660477f-333f-4a18-b49b-0b4d7c66d482",
			"created_at": "2023-01-06T13:46:38.511962Z",
			"updated_at": "2026-04-10T02:00:03.007466Z",
			"deleted_at": null,
			"main_name": "PROMETHIUM",
			"aliases": [
				"StrongPity",
				"G0056"
			],
			"source_name": "MISPGALAXY:PROMETHIUM",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434245,
	"ts_updated_at": 1775791768,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5d2fb8dd57f9243cd675da6486e3f5b516deee61.pdf",
		"text": "https://archive.orkl.eu/5d2fb8dd57f9243cd675da6486e3f5b516deee61.txt",
		"img": "https://archive.orkl.eu/5d2fb8dd57f9243cd675da6486e3f5b516deee61.jpg"
	}
}