Intel Name: Kapeka backdoor loaded via rundll32.exe
Date of Scan: December 31, 2024
Impact: High
Summary: Identifies the Kapeka backdoor binary being loaded by rundll32.exe. The Kapeka loader deploys a backdoor disguised as a Microsoft Word Add-In, using a DLL file with a ‘.wll’ extension.