{
	"id": "01de247e-2ccb-4e19-88bf-fe72b2080525",
	"created_at": "2026-04-06T00:14:13.172209Z",
	"updated_at": "2026-04-10T03:21:04.199206Z",
	"deleted_at": null,
	"sha1_hash": "7f81237bfa243d1204b4a8ab44d15e92266c0a52",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 47545,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\nArchived: 2026-04-05 20:49:36 UTC\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool Gozi v2\n Tool: Gozi v2\nNames\nGozi v2\nGozi Prinimalka\nPrinimalka-Gozi\nCategory Malware\nType Banking trojan, Credential stealer\nDescription\n(IBM) RSA recently discovered a new malware variant it dubbed Prinimalka-Gozi, which\nreportedly will be used in a massive, coordinated attack on U.S. banks called Project\nBlitzkrieg. After analyzing Prinimalka-Gozi, IBM Security determined that it is a distant\nrelative of the Gozi malware. According to our findings, the installation and HTML injection\ndesignation method it uses resembles Gozi. However, many implementation details such as the\nformat of the HTML injection, certain configuration elements and the machine code injected\ninto the browser process appear to be completely different than those of Gozi.\nInformation\nLast change to this tool card: 24 May 2020\nDownload this tool card in JSON format\nAll groups using tool Gozi v2\nChanged Name Country Observed\nUnknown groups\n _[ Interesting malware not linked to an actor yet ]_\n1 group listed (0 APT, 0 other, 1 unknown)\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9a68ee23-32e6-40bd-aac1-b620447a0c0f\nPage 1 of 2\n\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9a68ee23-32e6-40bd-aac1-b620447a0c0f\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9a68ee23-32e6-40bd-aac1-b620447a0c0f\r\nPage 2 of 2\n\nUnknown groups _[ Interesting malware not linked to an actor yet ]_\n1 group listed (0 APT, 0 other, 1 unknown) \n   Page 1 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9a68ee23-32e6-40bd-aac1-b620447a0c0f"
	],
	"report_names": [
		"listgroups.cgi?u=9a68ee23-32e6-40bd-aac1-b620447a0c0f"
	],
	"threat_actors": [],
	"ts_created_at": 1775434453,
	"ts_updated_at": 1775791264,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/7f81237bfa243d1204b4a8ab44d15e92266c0a52.pdf",
		"text": "https://archive.orkl.eu/7f81237bfa243d1204b4a8ab44d15e92266c0a52.txt",
		"img": "https://archive.orkl.eu/7f81237bfa243d1204b4a8ab44d15e92266c0a52.jpg"
	}
}