{
	"id": "64226344-1aa8-43e2-8ed6-011c7eb812e7",
	"created_at": "2026-04-06T00:09:36.188656Z",
	"updated_at": "2026-04-10T03:35:26.551097Z",
	"deleted_at": null,
	"sha1_hash": "64bdafbc49f1d14cf245bc58b11acb8af6e30d6f",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 48402,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\nArchived: 2026-04-05 23:43:45 UTC\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool Hussar\n Tool: Hussar\nNames Hussar\nCategory Malware\nType Reconnaissance, Loader\nDescription\n(Positive Technologies) In essence Hussar is similar to the shellcodes described earlier. It\nallows loading modules and collecting basic information about the computer. It can also\nadd itself to the list of authorized applications in Windows Firewall.\nInformation Malpedia AlienVault OTX Last change to this tool card: 24 April 2021\nDownload this tool card in JSON format\nAll groups using tool Hussar\nChanged Name Country Observed\nAPT groups\n Calypso 2016-Aug 2021\n1 group listed (1 APT, 0 other, 0 unknown)\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=e366a5fc-3b35-43e4-bb47-20a3d42f2785\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=e366a5fc-3b35-43e4-bb47-20a3d42f2785\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=e366a5fc-3b35-43e4-bb47-20a3d42f2785"
	],
	"report_names": [
		"listgroups.cgi?u=e366a5fc-3b35-43e4-bb47-20a3d42f2785"
	],
	"threat_actors": [
		{
			"id": "3c5b0e7e-2388-4b63-9b97-6b027bec4bf7",
			"created_at": "2023-01-06T13:46:39.068694Z",
			"updated_at": "2026-04-10T02:00:03.202867Z",
			"deleted_at": null,
			"main_name": "Calypso",
			"aliases": [
				"BRONZE MEDLEY"
			],
			"source_name": "MISPGALAXY:Calypso",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		},
		{
			"id": "13d9c5fc-af82-4474-90dd-188c4e40a399",
			"created_at": "2022-10-25T16:07:23.435079Z",
			"updated_at": "2026-04-10T02:00:04.601572Z",
			"deleted_at": null,
			"main_name": "Calypso",
			"aliases": [
				"Bronze Medley"
			],
			"source_name": "ETDA:Calypso",
			"tools": [
				"Agent.dhwf",
				"Byeby",
				"Calypso RAT",
				"DCSync",
				"Destroy RAT",
				"DestroyRAT",
				"DoublePulsar",
				"EternalBlue",
				"EternalRomance",
				"FlyingDutchman",
				"Kaba",
				"Korplug",
				"LOLBAS",
				"LOLBins",
				"Living off the Land",
				"Mimikatz",
				"NBTscan",
				"OS_Check_445",
				"PlugX",
				"Quarks PwDump",
				"RedDelta",
				"SAMRID",
				"Sogu",
				"SysInternals",
				"TCP Port Scanner",
				"TIGERPLUG",
				"TVT",
				"Thoper",
				"Whitebird",
				"Xamtrav",
				"ZXPortMap",
				"nbtscan",
				"netcat"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434176,
	"ts_updated_at": 1775792126,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/64bdafbc49f1d14cf245bc58b11acb8af6e30d6f.pdf",
		"text": "https://archive.orkl.eu/64bdafbc49f1d14cf245bc58b11acb8af6e30d6f.txt",
		"img": "https://archive.orkl.eu/64bdafbc49f1d14cf245bc58b11acb8af6e30d6f.jpg"
	}
}