{
	"id": "40ef05c0-332c-4816-94c7-562028e89285",
	"created_at": "2026-04-06T01:31:12.953152Z",
	"updated_at": "2026-04-10T13:11:29.090941Z",
	"deleted_at": null,
	"sha1_hash": "5ede8a0927c99d5f771afaf23e11c79971775b9c",
	"title": "Clambling (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 28748,
	"plain_text": "Clambling (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-06 00:34:37 UTC\r\nClambling was discovered by Trend Micro and TalentJump. It is a custom malware used by an actor they refer to\r\nas DRBControl, which targets gambling and betting companies in Southeast Asia. One version of Clambling uses\r\nDropbox as C\u0026C channel to hide its communication.\r\n[TLP:WHITE] win_clambling_auto (20251219 | Detects win.clambling.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.clambling\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.clambling\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.clambling"
	],
	"report_names": [
		"win.clambling"
	],
	"threat_actors": [],
	"ts_created_at": 1775439072,
	"ts_updated_at": 1775826689,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5ede8a0927c99d5f771afaf23e11c79971775b9c.pdf",
		"text": "https://archive.orkl.eu/5ede8a0927c99d5f771afaf23e11c79971775b9c.txt",
		"img": "https://archive.orkl.eu/5ede8a0927c99d5f771afaf23e11c79971775b9c.jpg"
	}
}