{
	"id": "3079a935-28ec-469c-b432-6661263c51f7",
	"created_at": "2026-04-06T03:37:11.84398Z",
	"updated_at": "2026-04-10T03:21:55.113802Z",
	"deleted_at": null,
	"sha1_hash": "8fc878cdd9826e79f56104e216c401893f634d1b",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 27361,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\r\nArchived: 2026-04-06 02:51:15 UTC\r\nDescription(Cybereason) The ransomware iterates through all folders on the machine, encrypts all files, and drops\r\na ransom note in each folder. Once it has finished encryption, it changes the desktop wallpaper to help inform the\r\nuser of the attack.\r\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=abd10b51-212f-4403-a7df-328238d3df19\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=abd10b51-212f-4403-a7df-328238d3df19\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=abd10b51-212f-4403-a7df-328238d3df19"
	],
	"report_names": [
		"listgroups.cgi?u=abd10b51-212f-4403-a7df-328238d3df19"
	],
	"threat_actors": [],
	"ts_created_at": 1775446631,
	"ts_updated_at": 1775791315,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/8fc878cdd9826e79f56104e216c401893f634d1b.pdf",
		"text": "https://archive.orkl.eu/8fc878cdd9826e79f56104e216c401893f634d1b.txt",
		"img": "https://archive.orkl.eu/8fc878cdd9826e79f56104e216c401893f634d1b.jpg"
	}
}