Kapeka (c02ade32-d063-5b37-b598-80c09321184a)
Kapeka is a backdoor written in C++ used against victims in Eastern Europe since at least mid-2022. Kapeka has technical overlaps with Exaramel for Windows and Prestige malware variants, both of which are linked to Sandworm Team. Kapeka may have been used in advance of Prestige deployment in late 2022.[WithSecure Kapeka 2024][Microsoft KnuckleTouch 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Sandworm Team (16a65ee9-cd60-4f04-ba34-f2f45fcfc666) | Tidal Groups | Kapeka (c02ade32-d063-5b37-b598-80c09321184a) | Tidal Software | 1 |