Kapeka (c02ade32-d063-5b37-b598-80c09321184a)

Kapeka is a backdoor written in C++ used against victims in Eastern Europe since at least mid-2022. Kapeka has technical overlaps with Exaramel for Windows and Prestige malware variants, both of which are linked to Sandworm Team. Kapeka may have been used in advance of Prestige deployment in late 2022.[WithSecure Kapeka 2024][Microsoft KnuckleTouch 2024]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Sandworm Team (16a65ee9-cd60-4f04-ba34-f2f45fcfc666) | Tidal Groups | Kapeka (c02ade32-d063-5b37-b598-80c09321184a) | Tidal Software | 1 |