Earth Kapre

Directly Linked Intrusion Sets: Red Wolf, RedCurl

Earth Kapre is an intrusion set tracked by Trend Micro researchers and linked to the RedCurl group. According to the researchers, Earth Kapre conducts espionage operations against organizations globally.

Earth Kapre Threat Reports

Report

Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence

The blog entry details an investigation by Trend Micro's Managed Extended Detection and Response (MDR) team into a cyberespionage incident ...

MITRE ATT&CK Techniques

MITRE ATT&CK techniques observed in use by this intrusion set.

| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1202 | Indirect Command Execution | Defense Evasion |
| T1059.006 | Python | Execution |
| T1204.002 | Malicious File | Execution |
| T1059.003 | Windows Command Shell | Execution |
| T1566.001 | Spearphishing Attachment | Initial Access |
| T1204.001 | Malicious Link | Execution |
| T1059.001 | PowerShell | Execution |
| T1071.001 | Web Protocols | Command and Control |
| T1053.005 | Scheduled Task | Execution, Persistence, Privilege Escalation |