This post is the second part of the article on the Sakula malware. It follows the first one available here and covers versions 2.x and 3.x.
Tag - BlackVine
By Yoann Francou on 2015/12/07, 10:52 - Reverse engineering
By Yoann Francou on 2015/11/09, 10:28 - Reverse engineering
This post follows a paper published by Symantec about a group of attackers known as BlackVine. It describes the technical evolution of the custom-developed RAT Sakula used in campaigns targeting industries such as energy, aerospace and healthcare.