From malware.news
![](https://cdn-images-1.medium.com/max/1024/1*8wKIv0iDcnJSnOx8MQkCAw.png)
Introduction
In this blog, I will be uncovering techniques that can be used for unpacking the trojan “PolyglotDuke”, developed by APT29 (The Dukes / Cozy Bear), attributed as Russia’s Foreign Intelligence Service (SVR).
Information Gathering
Let’s first look at the file in PE Studio. It’s a 64-bit loader of PolyglotDuke.
![](https://cdn-images-1.medium.com/max/1024/1*XhLIa5WPiYNXJRH3O94IWw.jpeg)