{
	"id": "ca9255f2-79c0-46ec-b0a9-ba5763b3029e",
	"created_at": "2026-04-06T00:12:22.544922Z",
	"updated_at": "2026-04-10T03:24:29.96632Z",
	"deleted_at": null,
	"sha1_hash": "e0a2de6f9d87d9f652dc12ffb14b6805bce111e6",
	"title": "Intelligence 101",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 103039,
	"plain_text": "Intelligence 101\r\nArchived: 2026-04-05 19:26:19 UTC\r\na\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 1 of 47\n\na\r\nAlphabay\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 2 of 47\n\nA darknet marketplace, originally launched in September 2014, that has been considered one of the most popular\r\nand comprehensive illicit marketplaces to exist. The original AlphaBay was taken down by law enforcement’s\r\n“Operation Bayonet” in July 2017, and was relaunched by one of its original admins in August 2021. Its most\r\npopular offerings include drugs, fraud-related listings like credit cards and fullz, and guides and tutorials for fraud,\r\nhacking, and social engineering.\r\nAnonymous\r\nAnonymous is a globally recognized decentralized hacktivist collective, known for its widespread cyberattacks\r\ntargeting numerous governments, government institutions, government agencies, and corporations. These actions\r\nhave led to the arrest of numerous individuals involved in Anonymous cyberattacks across various countries,\r\nincluding the United States, the United Kingdom, Australia, the Netherlands, South Africa, Spain, India, and\r\nTurkey. Although Anonymous’ media presence declined by 2018, the group resurfaced in 2020 to provide support\r\nfor the George Floyd protests and other social causes. The decentralized structure of Anonymous enables different\r\nhackers in private chat rooms to contribute to different operations, while also allowing individuals who align with\r\ntheir mission to adopt the “Anonymous” label, regardless of formal group affiliation.\r\nAttack surface\r\nThe attack surface refers to the sum of all the potential points of vulnerability in a system, application, or network\r\nthat an attacker can exploit. It encompasses both the known and unknown vulnerabilities, including entry points,\r\nweak configurations, exposed services, and any other potential avenues for unauthorized access or compromise.\r\nb\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 3 of 47\n\nb\r\nBitcoin\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 4 of 47\n\nA digital currency that uses cryptology to secure transactions and control the creation of additional currencies.\r\nBitcoin is regarded as the first decentralized cryptocurrency and is the most widely used by cybercriminals. Its\r\ncurrency abbreviation is BTC.\r\nBotnet\r\nA network of computers controlled by malware and used for malicious purposes.\r\nBrand impersonation\r\nBrand impersonation refers to the act of creating fake online identities, websites, or social media accounts that\r\nmimic a legitimate brand or organization. The impersonators use these deceptive tactics to deceive and defraud\r\nindividuals, often to gain access to sensitive information or to scam unsuspecting users.\r\nBusiness email compromise\r\nBEC—a type of email fraud that usually leads to payment fraud or the obtaining of sensitive corporate\r\ninformation.\r\nc\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 5 of 47\n\nc\r\nCompromised credentials\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 6 of 47\n\nCompromised credentials refer to login information (e.g., username and password) that has been illicitly obtained\r\nby unauthorized individuals or cyber attackers, potentially leading to unauthorized access and misuse of the\r\nassociated online accounts or systems. This security breach can result from various methods, such as hacking,\r\nphishing, or malware attacks.\r\nCorporate security\r\nCorporate security refers to the strategies, protocols, and measures put in place by organizations to protect their\r\nphysical assets, personnel, and sensitive information from internal and external threats. It encompasses a range of\r\npractices and disciplines aimed at maintaining a secure and safe environment for employees, visitors, and the\r\norganization as a whole.\r\nCredential stuffing\r\nAutomatically entering a large number of credentials (usually obtained from data breaches) into websites until\r\nthey are matched to an existing account. Used in account takeover attacks.\r\nCrypting\r\nCrypting is the process of encrypting or obfuscating malicious code to evade detection by security software and\r\nanalysts.\r\nCVE (Common Vulnerabilities and Exposures)\r\nCVE stands for “Common Vulnerabilities and Exposures.” It is a system used by organizations and researchers to\r\ntrack and discuss publicly known vulnerabilities in various software and hardware products.\r\nCVSS\r\nThe Common Vulnerability Scoring System (CVSS) is a standardized framework used to assess and quantify the\r\nseverity of security vulnerabilities in computer systems or software. CVSS assigns scores based on various\r\nmetrics to help organizations prioritize and address security risks effectively.\r\nCyber Threat Intelligence\r\nOften referred to by the acronym CTI, Cyber Threat Intelligence refers to the information, data, and context that’s\r\nused to detect, assess, prioritize, and counter cyber threats in order to prevent potential attacks against an\r\norganization and reduce risk. Although the terms Cyber Threat intelligence and Threat Intelligence (CTI) are\r\nsometimes used interchangeably, they do have distinct nuances: Cyber Threat Intelligence specifically focuses on\r\ncyber threats, even those they may overlap with or manifest in the physical work, whereas Threat intelligence\r\nencompasses a broad spectrum of risks, including physical, geopolitical, and cyber threats.\r\nRead More →\r\nCyberattack\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 7 of 47\n\nA cyberattack is a deliberate and malicious act carried out by threat actors to compromise the confidentiality,\r\nintegrity, or availability of computer systems, networks, or data. Cyberattacks encompass various techniques and\r\ntactics, such as exploiting vulnerabilities, ransomware, and DDoS attacks.\r\nCybersecurity\r\nCybersecurity is the practice of protecting computer systems, networks, and data from unauthorized access,\r\nbreaches, and attacks. It involves implementing measures, processes, and technologies to ensure the\r\nconfidentiality, integrity, and availability of digital information, safeguarding against potential threats and\r\nvulnerabilities in the digital landscape.\r\nd\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 8 of 47\n\nd\r\nDark web\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 9 of 47\n\nThe part of the internet that is accessible only through special software, such as Tor, which includes security and\r\nobfuscation measures to preserve users’ and website operators’ anonymity.\r\nDarknet\r\nAlso known as the dark web, the darknet is a hidden part of the internet that requires specific software,\r\nconfigurations, or authorization to access. It enables users to operate on encrypted networks, offering anonymity\r\nand privacy.\r\nData leak\r\nA data leak occurs when sensitive or confidential information is unintentionally exposed or disclosed to\r\nunauthorized individuals or entities. Although used interchangeably with data breaches, data leaks are specifically\r\nlimited to insider actions.\r\nDeep web\r\nThe part of the internet not indexed by standard search engines, including password-protected or dynamic pages\r\nand encrypted networks. These sites are, however, accessible using common web browsers, if the URL and/or\r\nlogin credentials are known.\r\nDevSecOps\r\nAn approach to software development that integrates security practices into every stage of the software\r\ndevelopment lifecycle.\r\nDigital risk\r\nDigital risk refers to the potential for negative consequences or harm that can arise from the use, adoption, or\r\nreliance on digital technologies and online platforms. This risk encompasses various factors, including\r\ncybersecurity threats, data breaches, privacy concerns, reputational damage, financial losses, and legal or\r\nregulatory issues associated with digital operations and interactions.\r\ne\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 10 of 47\n\ne\r\nEavesdropping\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 11 of 47\n\nAn attack in which a threat actor steals information as it is being transmitted.\r\nEthereum\r\nA decentralized, programmable blockchain system and community that allows developers to build decentralized\r\napplications. Ethereum also has a currency, Ether (ETH).\r\nExecutable\r\nA binary file that runs computer functions as designed by the programmer within the context of the operating\r\nsystem. In the context of malware, an executable is the part of the malware that runs the program’s malicious\r\nfunctions and components.\r\nExploit\r\nA method of leveraging a vulnerability, usually for nefarious purposes.\r\nExternal threat intelligence\r\nExternal threat intelligence refers to information and insights about potential cybersecurity attacks and risks that\r\ncome from sources outside an organization.\r\nf\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 12 of 47\n\nf\r\nFetty\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 13 of 47\n\nA slang term used by threat actors to refer to Fentanyl.\r\nForum\r\nAn online discussion board in which members can exchange knowledge, ideas, or expertise. Many Deep and Dark\r\nWeb (DDW) forums specialize in topics related to crime or extremist ideologies, which is why they utilize DDW\r\nanonymity measures.\r\nFUD\r\nFully undetectable, referring to malware that cannot be detected by antivirus software. Or, it can refer to Fear,\r\nUncertainty, and Doubt, referring to the sensationalization of potential new threats.\r\nFullz\r\n“Full packages” of individuals’ personally identifiable information (PII), such as social security numbers,\r\naddresses, or account numbers, sufficient for identity theft. Fullz can be sold to identity thieves to be leveraged in\r\ncredit card and other fraud operations. The term is often used on Dark Web marketplaces.\r\nh\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 14 of 47\n\nh\r\nHacktivism\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 15 of 47\n\nHacktivism refers to the use of cyberattacks to promote or advance a particular political or social cause. Hacktivist\r\nactivities can range from website defacement, DDoS attacks, and data breaches.\r\nHigh-fidelity intelligence\r\nHigh-fidelity intelligence refers to detailed and accurate information that is rich in quality and enables a\r\ncomprehensive understanding of a particular subject or situation. It allows organizations to act quickly and\r\nconfidently to defend against potential attacks.\r\ni\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 16 of 47\n\ni\r\nImpersonation\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 17 of 47\n\nImpersonation refers to the act of creating fake identities or masquerading as a legitimate user, entity, or system to\r\ngain unauthorized access to networks, data, or resources to perform malicious activities.\r\nIndicators of compromise\r\nKnown pieces of information associated with attacks. Indicators of compromise (IOCs) can include malware\r\nartifacts (such as file names and hashes), IP addresses to which the malware connects, and command and control\r\n(C2) domains and their resolutions.\r\nIntelligence\r\nA discipline that uses information collection and analysis tools and techniques to provide guidance and direction\r\nto organizations’ leaders in their decisions. The sole mission of any intelligence function is to support the\r\ndecision-maker.\r\nInternet of things\r\nIoT—a network of everyday devices and complex machinery connected to the Internet. The IoT has enabled\r\norganizations to automate manual processes, streamline operations, and adapt to regulatory requirements through\r\nremote control of an existing network infrastructure.\r\nj\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 18 of 47\n\nj\r\nJoker’s Stash\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 19 of 47\n\nFirst appearing in 2014, Joker’s Stash offered large volumes of uniquely and highly valid cards not available\r\nanywhere else online. It was one of the largest illicit payment card shops worldwide until its shutdown in 2021.\r\nk\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 20 of 47\n\nk\r\nKernal\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 21 of 47\n\nThe core of the Windows operating system. It provides interactions between hardware and software on Windows.\r\nIt is always present within the system memory, and is the most crucial part of the operating system. To provide\r\nproper access to resources such as processor time, memory space, and external storage such as hard drives, the\r\nWindows kernel needs to run at the highest privilege context within the operating system.\r\nKill switch\r\nA code found in malware that stops the malware’s operation if the conditions of the code are satisfied. For\r\nexample, a malware writer may design a code to prevent their malware from infecting machines in certain\r\ncountries. When the malware encounters such a machine, the kill switch is activated.\r\nl\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 22 of 47\n\nl\r\nLitecoin\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 23 of 47\n\nA cryptocurrency that utilizes blockchain technology. It was launched in 2011.\r\nLogs\r\nLogin credentials—an umbrella term for any information that can be used to log in to an account. Logs frequently\r\nconsist of a username and password pair. The term often refers to credentials obtained from botnets, but can also\r\nrefer to login information obtained from dumps, leaks, or breaches.\r\nm\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 24 of 47\n\nm\r\nMarketplace\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 25 of 47\n\nAn online forum that allows the exchange of goods or services. Different marketplaces specialize in various\r\nproducts, and many contain contraband and products that facilitate crime and fraud. Law enforcement agencies\r\nfrequently target illicit marketplaces to track or shut down illegal exchanges.\r\nMITRE ATT\u0026CK\r\nA global knowledge base and framework for categorizing threat actor tactics and techniques. MITRE has\r\ncategorized tactics (such as initial access) and subcategorized techniques (such as drive-by compromise or\r\nexploitation of a public-facing application). These techniques are identified by unique IDs.\r\nMonero\r\nA decentralized, privacy-focused cryptocurrency that obscures the identities of both parties involved in any\r\ntransaction, as well as the transaction amount. Many threat actors in the DDW prefer Monero to other\r\ncryptocurrencies due to its privacy features.\r\nn\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 26 of 47\n\nn\r\nNeurolinguistic programming\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 27 of 47\n\nA psychological manipulation technique that purportedly compels victims to act as directed. Neurolinguistic\r\nprogramming (NLP) was originally developed in the 1970s as a means of self-improvement related to hypnosis,\r\nand it has since been widely discredited. However, certain threat actors indicate high confidence in the technique.\r\nFraud communities often refer to NLP as a social engineering method, while conspiracy theorist communities\r\nreference NLP as a form of population control.\r\no\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 28 of 47\n\no\r\nOperational security\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 29 of 47\n\nOpsec—the process of protecting individual data items that could, when aggregrated, form a clearer idea of the\r\nidentity of the actor(s) behind an alias or operation.\r\np\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 30 of 47\n\np\r\nPastebin\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 31 of 47\n\nA website on which users can store information in plain text. It is popular among threat actors due to its ease of\r\nuse for anonymously sharing information. Pastebin was created in 2002, and posts on the site are known as\r\n“pastes.”\r\nPatch Tuesday\r\nPatch Tuesday is a recurring event that occurs on the second Tuesday of every month, when Microsoft publishes\r\nvulnerabilities affecting their software. However, multiple vendors have also copied this approach, resulting in\r\nhundreds of vulnerabilities being disclosed on the same day.\r\nPrimary Source Collection (PSC)\r\nPrimary Source Collection (PSC) is the ability to collect data directly from original sources, driven by an\r\norganization’s unique requirements, not a vendor’s fixed feed.\r\nr\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 32 of 47\n\nr\r\nRemote Access Trojan\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 33 of 47\n\nRAT—a piece of malware that provides a backdoor to establishing administrative control over an infected\r\nmachine. By establishing administrative control, the malware operator is able to control the infected machine as if\r\nthey had physical access.\r\nRisk\r\nThe forecasting and evaluation of business risks together with the identification of procedures to avoid or\r\nminimize their impact.\r\ns\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 34 of 47\n\ns\r\nScammer\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 35 of 47\n\nAn individual who defrauds others by offering goods/services or payment for goods/services that they do not\r\nintend to follow through on.\r\nSIM swap\r\nThe practice of having a phone number switched over to a different SIM card. Methods include social engineering\r\ncustomer service professionals at the carrier or working with an insider. The goal is usually to receive two-factor-authentication codes via SMS to aid in account takeover activities.\r\nSocial engineering\r\nTechniques in which a threat actor uses social interactions or tailored content to manipulate a system or individual\r\ninto improperly granting them permissions or benefits, or divulging protected information. For example, a threat\r\nactor may use social engineering to dupe a technology company employee into giving them password recovery\r\ninformation for an account that is not theirs, or they may convince a retail employee to grant them a refund for a\r\ndelivery the threat actor actually received.\r\nSpoofing\r\nSpoofing refers to the act of falsifying or manipulating data to make it appear as if it comes from a trusted source\r\nwhen it does not. This deceptive technique is often used in various cyber attacks, such as email spoofing, IP\r\naddress spoofing, or caller ID spoofing, to trick users or systems into believing that the information is legitimate,\r\nleading to potential security breaches, phishing attempts, or other malicious activities.\r\nStealer\r\nA class of malware that steals data from a target user or a compromised system. The stolen data can include\r\nsystem data, user credentials, user files, or other data that the attacker can monetize or use in other attacks.\r\nt\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 36 of 47\n\nt\r\nTor\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 37 of 47\n\nThe Onion Router—a software bundle that enables users to communicate with the internet anonymously. Tor\r\ntraffics encrypted communications through an overlay network consisting of thousands of relays, or nodes, and\r\nbounces information between these multiple relays from the user’s computer to the internet and vice versa. Tor\r\nthus conceals a user’s identity by wrapping traffic in encrypted layers, much like an onion. However, ISPs can tell\r\nwhen a user is using Tor. Tor was first proposed in 1995 by the Office of Naval Research (ONR) and later\r\nsupported by DARPA in 1997. The Tor Project was founded in September 2004.\r\nTyposquatting\r\nA fraudulent domain that resembles a trusted URL, but with a small typo.\r\nu\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 38 of 47\n\nu\r\nUser agent\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 39 of 47\n\nA software agent that represents or acts on behalf of a user. A user-agent string is information sent by a browser to\r\na web resource to identify itself. The information contains the web browser being used, the operating system\r\nrunning the browser, the device type, and other useful information the web resource uses to identify the browser.\r\nUser datagram protocol\r\nUDP—a protocol that provides a procedure for application programs to send messages to other programs with a\r\nminimum protocol mechanism. UDP is transaction-oriented, and delivery and duplicate protection are not\r\nguaranteed. This is a connectionless protocol that does not verify the source of the transmission.\r\nv\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 40 of 47\n\nw\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 41 of 47\n\nw\r\nWatering hole attack\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 42 of 47\n\nAn attack in which a threat actor compromises a specific website to access the confidential information of specific\r\ntargeted victims. The threat actor generally chooses a site to target based on the victims who are most likely to\r\naccess it—for example, the actor may target an academic website to compromise the credentials of experts in a\r\ngiven field. In some watering-hole attacks, victims are served malware when they access the compromised\r\nwebsite; this malware may be tailored to target a specific IP address.\r\nWeb shell\r\nA script in a web server that a threat actor uses to maintain persistence in a vulnerable or compromised system.\r\nWeb shells may be used for other malicious functions by executing attacker input, or used simply as a backdoor.\r\nThey can be installed on a system by exploiting vulnerabilities. They can be written in any scripting language as\r\nlong as the web server supports it, though they are commonly written in web development languages such as PHP.\r\nWorm\r\nMalware that self-propagates and continually infects new machines while active on already-infected machines.\r\ny\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 43 of 47\n\ny\r\nYahoo Boys\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 44 of 47\n\nOriginally a group of Nigerian fraudsters known for conducting 419 scams; the term expanded to describe\r\nNigerian fraudsters who engage in 419-related fraud schemes. Many Yahoo Boys are known for flaunting\r\nextravagant lifestyles.\r\nYandex\r\nRussian internet services corporation that is best-known for its search engine, which is popular in Russian-speaking countries. The company also offers e-wallets for fund transfers to bank cards, Western Union, or bank\r\naccounts.\r\nz\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 45 of 47\n\nz\r\nZero day\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 46 of 47\n\nA previously unknown or undisclosed vulnerability that can be targeted and exploited. Advanced persistent threat\r\n(APT) groups may work to discover or develop them to target entities; cybercriminals who discover them may be\r\nable to sell them for hundreds of thousands of dollars.\r\nZero Trust\r\nZero Trust is a security framework and approach that assumes no implicit trust for users, devices, or network\r\nresources, regardless of their location. It emphasizes the need for continuous authentication, strict access controls,\r\nand comprehensive monitoring and logging to enhance security in today’s computing environments.\r\nSource: https://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nhttps://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/\r\nPage 47 of 47",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/"
	],
	"report_names": [
		"meet-ars-vbs-loader"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434342,
	"ts_updated_at": 1775791469,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e0a2de6f9d87d9f652dc12ffb14b6805bce111e6.pdf",
		"text": "https://archive.orkl.eu/e0a2de6f9d87d9f652dc12ffb14b6805bce111e6.txt",
		"img": "https://archive.orkl.eu/e0a2de6f9d87d9f652dc12ffb14b6805bce111e6.jpg"
	}
}