{
	"id": "c93f9582-8685-4618-bdd0-cd9c3f3fde7d",
	"created_at": "2026-04-06T00:11:10.505873Z",
	"updated_at": "2026-04-10T03:21:03.261819Z",
	"deleted_at": null,
	"sha1_hash": "ab3f31431d9767393d978f4ea466c7356fdae14d",
	"title": "SlothfulMedia (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 29347,
	"plain_text": "SlothfulMedia (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 16:36:01 UTC\r\nAccording to MITRE, SLOTHFULMEDIA is a remote access Trojan written in C++ that has been used by an\r\nunidentified \"sophisticated cyber actor\" since at least January 2017. It has been used to target government\r\norganizations, defense contractors, universities, and energy companies in Russia, India, Kazakhstan, Kyrgyzstan,\r\nMalaysia, Ukraine, and Eastern Europe.\r\n[TLP:WHITE] win_slothfulmedia_auto (20251219 | Detects win.slothfulmedia.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.slothfulmedia\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.slothfulmedia\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.slothfulmedia"
	],
	"report_names": [
		"win.slothfulmedia"
	],
	"threat_actors": [],
	"ts_created_at": 1775434270,
	"ts_updated_at": 1775791263,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/ab3f31431d9767393d978f4ea466c7356fdae14d.pdf",
		"text": "https://archive.orkl.eu/ab3f31431d9767393d978f4ea466c7356fdae14d.txt",
		"img": "https://archive.orkl.eu/ab3f31431d9767393d978f4ea466c7356fdae14d.jpg"
	}
}