Earth KapreEarth Kapre

Also known as: RedCurl · Red Wolf · GOLD BLADE · Earth Kapre

Known aliases
4

Profile

Earth Kapre is an APT group specializing in cyberespionage. They target organizations in various countries through phishing campaigns using malicious attachments to infect machines. Earth Kapre employs techniques like abusing PowerShell, curl, and Program Compatibility Assistant to execute malicious commands and evade detection within targeted networks. The group has been active since at least 2018 and has been linked to multiple incidents involving data theft and espionage.

Aliases· 4

RedCurlRed WolfGOLD BLADEEarth Kapre

References

  1. https://www.trendmicro.com/en_us/research/24/c/unveiling-earth-kapre-aka-redcurls-cyberespionage-tactics-with-t.html
  2. https://news.sophos.com/en-us/2025/12/05/sharpening-the-knife-gold-blades-strategic-evolution/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Earth Krahang
Actor
Earth Kurma
Actor
Earth Naga
Actor
Earth Kitsune
Actor
Earth Yako
Actor
Earth Lamia
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.