mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Earth Kapre
This commit is contained in:
parent
6490424201
commit
b2e9f6c152
1 changed files with 14 additions and 0 deletions
|
@ -15351,6 +15351,20 @@
|
||||||
},
|
},
|
||||||
"uuid": "ffb28c09-16a6-483a-817a-89c89751c9d4",
|
"uuid": "ffb28c09-16a6-483a-817a-89c89751c9d4",
|
||||||
"value": "UNC5325"
|
"value": "UNC5325"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Earth Kapre is an APT group specializing in cyberespionage. They target organizations in various countries through phishing campaigns using malicious attachments to infect machines. Earth Kapre employs techniques like abusing PowerShell, curl, and Program Compatibility Assistant to execute malicious commands and evade detection within targeted networks. The group has been active since at least 2018 and has been linked to multiple incidents involving data theft and espionage.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.trendmicro.com/en_us/research/24/c/unveiling-earth-kapre-aka-redcurls-cyberespionage-tactics-with-t.html"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"RedCurl",
|
||||||
|
"Red Wolf"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "d4004926-bf12-4cfe-b141-563c8ffb304a",
|
||||||
|
"value": "Earth Kapre"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 304
|
"version": 304
|
||||||
|
|
Loading…
Reference in a new issue