{
	"id": "1bf6aac9-d024-408d-9512-d4fc0d34c469",
	"created_at": "2026-04-06T00:21:15.253487Z",
	"updated_at": "2026-04-10T13:12:26.963465Z",
	"deleted_at": null,
	"sha1_hash": "90ef899237ed03d1c7fe6d05858fd9221968328f",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 47449,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\nArchived: 2026-04-05 19:59:18 UTC\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool Antd\n Tool: Antd\nNames\nAntd\nGreedyAntd\nCategory Malware\nType Miner\nDescription\n(Intezer) Antd is a miner found in the wild on September 18, 2018. Recently we discovered\nthat the authors from Antd are actively delivering newer campaigns deploying a broad number\nof components, most of them completely undetected and operating within compromised third\nparty Linux servers. Furthermore, we have observed that some of the techniques implemented\nby this group are unconventional, and there is an element of sophistication to them. We believe\nthe authors behind this malware are from Chinese origin.\nInformation Malpedia Last change to this tool card: 24 April 2021\nDownload this tool card in JSON format\nAll groups using tool Antd\nChanged Name Country Observed\nOther groups\n Pacha Group 2018-May 2019\n1 group listed (0 APT, 1 other, 0 unknown)\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d7b382fb-f264-4ffc-a07e-2121e7e18200\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d7b382fb-f264-4ffc-a07e-2121e7e18200\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d7b382fb-f264-4ffc-a07e-2121e7e18200"
	],
	"report_names": [
		"listgroups.cgi?u=d7b382fb-f264-4ffc-a07e-2121e7e18200"
	],
	"threat_actors": [
		{
			"id": "18bcbaa6-8e7b-43c4-9db7-8b0b315ee5a3",
			"created_at": "2023-01-06T13:46:39.024086Z",
			"updated_at": "2026-04-10T02:00:03.184974Z",
			"deleted_at": null,
			"main_name": "Pacha Group",
			"aliases": [],
			"source_name": "MISPGALAXY:Pacha Group",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		},
		{
			"id": "484c5fed-029e-4504-b75a-bbdbc9460595",
			"created_at": "2022-10-25T16:07:24.529893Z",
			"updated_at": "2026-04-10T02:00:05.02425Z",
			"deleted_at": null,
			"main_name": "Pacha Group",
			"aliases": [],
			"source_name": "ETDA:Pacha Group",
			"tools": [
				"Antd",
				"DDG",
				"GreedyAntd",
				"Korkerds",
				"XMRig"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434875,
	"ts_updated_at": 1775826746,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/90ef899237ed03d1c7fe6d05858fd9221968328f.pdf",
		"text": "https://archive.orkl.eu/90ef899237ed03d1c7fe6d05858fd9221968328f.txt",
		"img": "https://archive.orkl.eu/90ef899237ed03d1c7fe6d05858fd9221968328f.jpg"
	}
}