Sakula DLL planting analysis

Abstract

This technical note discusses a version of Sakula uploaded to VirusTotal on 25th April 2016. The sample initially looked interesting because it uses a signed Kaspersky binary to load itself, presumably to avoid UAC.

Publication
By NCC Group
David Cannings
Cyber Security

My interests include computer security, digital electronics and writing tools to help analysis of cyber attacks.