{
	"id": "35a1b438-10bf-4219-b1e5-d00d33bc0d72",
	"created_at": "2026-04-06T00:15:19.435224Z",
	"updated_at": "2026-04-10T03:21:43.390151Z",
	"deleted_at": null,
	"sha1_hash": "f3df7e4a1e7d1643ac36f997a4575a509dbf8851",
	"title": "Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 28516,
	"plain_text": "Threat Group Cards: A Threat Actor Encyclopedia\r\nArchived: 2026-04-05 18:50:08 UTC\r\nDescriptionAccording to PCrisk, AtomSilo is a type of malware that blocks access to files by encrypting them and\r\nrenames every encrypted file by appending the '.ATOMSILO' to its filename. It renames '1.jpg' to\r\n'1.jpg.ATOMSILO', '2.jpg' to '2.jpg.ATOMSILO', and so on. As its ransom note, AtomSilo creates the 'README-FILE-#COMPUTER-NAME#-#CREATION-TIME#.hta' file.\r\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=2cc89be8-f828-4db4-9ce7-9fdb7b85d5c0\r\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=2cc89be8-f828-4db4-9ce7-9fdb7b85d5c0\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=2cc89be8-f828-4db4-9ce7-9fdb7b85d5c0"
	],
	"report_names": [
		"listgroups.cgi?u=2cc89be8-f828-4db4-9ce7-9fdb7b85d5c0"
	],
	"threat_actors": [],
	"ts_created_at": 1775434519,
	"ts_updated_at": 1775791303,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/f3df7e4a1e7d1643ac36f997a4575a509dbf8851.pdf",
		"text": "https://archive.orkl.eu/f3df7e4a1e7d1643ac36f997a4575a509dbf8851.txt",
		"img": "https://archive.orkl.eu/f3df7e4a1e7d1643ac36f997a4575a509dbf8851.jpg"
	}
}