| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Earth Kapre is an APT group specializing in cyberespionage. They target organizations in various countries through phishing campaigns using malicious attachments to infect machines. Earth Kapre employs techniques like abusing PowerShell, curl, and Program Compatibility Assistant to execute malicious commands and evade detection within targeted networks. The group has been active since at least 2018 and has been linked to multiple incidents involving data theft and espionage.
There are currently no families associated with this actor.
| 2025-12-05
⋅
Sophos
⋅
Sharpening the knife: GOLD BLADE’s strategic evolution Earth Kapre |