{
	"id": "7fb691ca-539c-4bc8-8c4b-2a3d9b56daa6",
	"created_at": "2026-04-06T00:17:16.550257Z",
	"updated_at": "2026-04-10T03:26:39.241983Z",
	"deleted_at": null,
	"sha1_hash": "ccfe4784d774add841f9f710b77b9b92b17dae02",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 46931,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\nArchived: 2026-04-05 21:18:52 UTC\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool VAMP\n Tool: VAMP\nNames\nVAMP\nandroid.micropsia\nCategory Malware\nType Backdoor, Info stealer, Exfiltration\nDescription\n(Palo Alto) VAMP is fully featured with all the capabilities you’d expect from a malware\nfamily that resides on a phone. Features of the malware include:\n• Ability to record calls\n• Contact theft\n• Theft of documents stored on the device\n• Theft of messages\nInformation\nMalpedia Last change to this tool card: 24 April 2021\nDownload this tool card in JSON format\nAll groups using tool VAMP\nChanged Name Country Observed\nAPT groups\n Desert Falcons [Gaza] 2011-Oct 2023\n1 group listed (1 APT, 0 other, 0 unknown)\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d99a5a24-49db-4210-b7df-e80f9e07c51b\nPage 1 of 2\n\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d99a5a24-49db-4210-b7df-e80f9e07c51b\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d99a5a24-49db-4210-b7df-e80f9e07c51b\r\nPage 2 of 2\n\nAPT groups Desert Falcons [Gaza] 2011-Oct 2023\n1 group listed (1 APT, 0 other, 0 unknown) \n   Page 1 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d99a5a24-49db-4210-b7df-e80f9e07c51b"
	],
	"report_names": [
		"listgroups.cgi?u=d99a5a24-49db-4210-b7df-e80f9e07c51b"
	],
	"threat_actors": [
		{
			"id": "9ff60d4d-153b-4ed5-a2f7-18a21d2fa05d",
			"created_at": "2022-10-25T16:07:23.539852Z",
			"updated_at": "2026-04-10T02:00:04.647734Z",
			"deleted_at": null,
			"main_name": "Desert Falcons",
			"aliases": [
				"APT-C-23",
				"ATK 66",
				"Arid Viper",
				"Niobium",
				"Operation Arid Viper",
				"Operation Bearded Barbie",
				"Operation Rebound",
				"Pinstripe Lightning",
				"Renegade Jackal",
				"TAG-63",
				"TAG-CT1",
				"Two-tailed Scorpion"
			],
			"source_name": "ETDA:Desert Falcons",
			"tools": [
				"AridSpy",
				"Barb(ie) Downloader",
				"BarbWire",
				"Desert Scorpion",
				"FrozenCell",
				"GlanceLove",
				"GnatSpy",
				"KasperAgent",
				"Micropsia",
				"PyMICROPSIA",
				"SpyC23",
				"Viper RAT",
				"ViperRAT",
				"VolatileVenom",
				"WinkChat",
				"android.micropsia"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434636,
	"ts_updated_at": 1775791599,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/ccfe4784d774add841f9f710b77b9b92b17dae02.pdf",
		"text": "https://archive.orkl.eu/ccfe4784d774add841f9f710b77b9b92b17dae02.txt",
		"img": "https://archive.orkl.eu/ccfe4784d774add841f9f710b77b9b92b17dae02.jpg"
	}
}