{
	"id": "c55081c7-20a7-4aac-bbb4-4d2bf449dca1",
	"created_at": "2026-04-06T00:12:15.56967Z",
	"updated_at": "2026-04-10T13:11:25.054795Z",
	"deleted_at": null,
	"sha1_hash": "f7ef9807344396e1c29ac00ce7592e333498bca9",
	"title": "Medium",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 101593,
	"plain_text": "500\r\nApologies, but something went wrong on our\r\nend.\r\nRefresh the page, check Medium's site status, or find something interesting to\r\nread.\r\nOpen in app Sign up Sign in\r\nSearch\r\nTo make Medium work, we log user data. By using Medium, you agree to\r\nour Privacy Policy, including cookie policy.\r\nLogga in med Google\r\nLogga in i Medium med\r\nGoogle-kontot\r\nNu slipper du komma ihåg alla\r\nlösenord. Det är snabbt, enkelt\r\noch säkert att logga in.\r\nFortsätt\r\nhttps://medium.com/chronicle-blog/winnti-more-than-just-windows-and-gates-e4f03436031a\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MISPGALAXY",
		"MITRE",
		"ETDA",
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://medium.com/chronicle-blog/winnti-more-than-just-windows-and-gates-e4f03436031a"
	],
	"report_names": [
		"winnti-more-than-just-windows-and-gates-e4f03436031a"
	],
	"threat_actors": [
		{
			"id": "4d5f939b-aea9-4a0e-8bff-003079a261ea",
			"created_at": "2023-01-06T13:46:39.04841Z",
			"updated_at": "2026-04-10T02:00:03.196806Z",
			"deleted_at": null,
			"main_name": "APT41",
			"aliases": [
				"WICKED PANDA",
				"BRONZE EXPORT",
				"Brass Typhoon",
				"TG-2633",
				"Leopard Typhoon",
				"G0096",
				"Grayfly",
				"BARIUM",
				"BRONZE ATLAS",
				"Red Kelpie",
				"G0044",
				"Earth Baku",
				"TA415",
				"WICKED SPIDER",
				"HOODOO",
				"Winnti",
				"Double Dragon"
			],
			"source_name": "MISPGALAXY:APT41",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		},
		{
			"id": "2a24d664-6a72-4b4c-9f54-1553b64c453c",
			"created_at": "2025-08-07T02:03:24.553048Z",
			"updated_at": "2026-04-10T02:00:03.787296Z",
			"deleted_at": null,
			"main_name": "BRONZE ATLAS",
			"aliases": [
				"APT41 ",
				"BARIUM ",
				"Blackfly ",
				"Brass Typhoon",
				"CTG-2633",
				"Earth Baku ",
				"GREF",
				"Group 72 ",
				"Red Kelpie ",
				"TA415 ",
				"TG-2633 ",
				"Wicked Panda ",
				"Winnti"
			],
			"source_name": "Secureworks:BRONZE ATLAS",
			"tools": [
				"Acehash",
				"CCleaner v5.33 backdoor",
				"ChinaChopper",
				"Cobalt Strike",
				"DUSTPAN",
				"Dicey MSDN",
				"Dodgebox",
				"ForkPlayground",
				"HUC Proxy Malware (Htran)"
			],
			"source_id": "Secureworks",
			"reports": null
		}
	],
	"ts_created_at": 1775434335,
	"ts_updated_at": 1775826685,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/f7ef9807344396e1c29ac00ce7592e333498bca9.pdf",
		"text": "https://archive.orkl.eu/f7ef9807344396e1c29ac00ce7592e333498bca9.txt",
		"img": "https://archive.orkl.eu/f7ef9807344396e1c29ac00ce7592e333498bca9.jpg"
	}
}