Kapeka backdoor loaded via rundll32.exe

Intel Name: Kapeka backdoor loaded via rundll32.exe

Date of Scan: December 31, 2024

Impact: High

Summary:
Identifies the Kapeka backdoor binary being loaded by rundll32.exe. The Kapeka loader deploys a backdoor disguised as a Microsoft Word Add-In, using a DLL file with a ‘.wll’ extension.
