From malware.news
Introduction
In this blog, I will be uncovering techniques that can be used for unpacking the trojan “Polyglot Duke”, developed by APT29 (The Dukes / Cozy Bear), which is attributed to Russia’s Foreign Intelligence Service (SVR).
Information Gathering
Let's first look at the file in PE Studio. It’s a 64-bit loader of PolyglotDuke.