Unpacking of APT29 PolyglotDuke

From malware.news


In this blog I will be covering techniques that can be used to unpack the trojan "PolyglotDuke", developed by APT29 (The Dukes / Cozy Bear), a group attributed to Russia's Foreign Intelligence Service (SVR).

Information Gathering

Let's first look at the file in PE Studio. It is a 64-bit loader of PolyglotDuke.
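The same first-pass triage PE Studio gives (bitness, entry point, section layout, and the packer hints a loader usually shows) can be scripted. The block below is an added example written for this post, not code from the original author; it parses only the DOS, COFF, optional and section headers with the standard library, and runs against a constructed minimal PE32+ image (not the PolyglotDuke sample) so it works offline. The thresholds and the `packed_hint` heuristic are my own choices.

```python
import math
import struct
from collections import Counter

IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
IMAGE_FILE_DLL = 0x2000
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
SECTION_FMT = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte; ~8.0 means compressed/encrypted data, a classic packing hint."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def pe_triage(data: bytes) -> dict:
    """Parse the PE headers and return what an analyst checks before unpacking."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # IMAGE_FILE_HEADER (COFF header) follows the 4-byte signature
    machine, nsections, _ts, _sym, _nsym, opt_size, characteristics = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]
    if magic == PE32PLUS_MAGIC:  # PE32+: 64-bit ImageBase at offset 24
        bits, image_base = 64, struct.unpack_from("<Q", data, opt_off + 24)[0]
    elif magic == PE32_MAGIC:  # PE32: 32-bit ImageBase at offset 28
        bits, image_base = 32, struct.unpack_from("<I", data, opt_off + 28)[0]
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    entry = struct.unpack_from("<I", data, opt_off + 16)[0]  # AddressOfEntryPoint (RVA)
    sections = []
    for i in range(nsections):
        name, vsize, va, rawsize, rawptr, *_rest, flags = struct.unpack_from(
            SECTION_FMT, data, opt_off + opt_size + 40 * i)
        body = data[rawptr:rawptr + rawsize]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "va": va,
            "entropy": round(shannon_entropy(body), 2),
            # writable + executable sections are where unpacking stubs write decrypted code
            "wx": flags & (IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE)
                  == (IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE),
            "contains_entry": va <= entry < va + max(vsize, rawsize),
        })
    return {
        "bits": bits,
        "machine": machine,
        "is_dll": bool(characteristics & IMAGE_FILE_DLL),
        "image_base": image_base,
        "entry_point": entry,
        "sections": sections,
        # heuristic (my choice): any W+X section or a section with near-random content
        "packed_hint": any(s["wx"] or s["entropy"] > 7.0 for s in sections),
    }


def build_sample_pe64() -> bytes:
    """Constructed stand-in image: minimal PE32+ with a clean .text and a W+X high-entropy section."""
    e_lfanew = 0x80
    dos = bytearray(b"MZ" + b"\0" * (0x3C - 2)) + struct.pack("<I", e_lfanew)
    dos += b"\0" * (e_lfanew - len(dos))
    sections = [
        (b".text", b"\0" * 512, 0x60000020),               # code, read + execute
        (b".packed", bytes(range(256)) * 2, 0xE0000040),   # data, read + write + execute
    ]
    opt_size = 240  # PE32+ optional header with 16 data directories
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_AMD64, len(sections), 0, 0, 0, opt_size, 0x22)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
    struct.pack_into("<I", opt, 16, 0x1000)          # AddressOfEntryPoint
    struct.pack_into("<Q", opt, 24, 0x140000000)     # ImageBase
    headers_len = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    raw_off = (headers_len + 0x1FF) & ~0x1FF         # 512-byte file alignment
    hdrs, raw, rva = b"", b"", 0x1000
    for name, body, flags in sections:
        hdrs += struct.pack(SECTION_FMT, name, len(body), rva, len(body),
                            raw_off + len(raw), 0, 0, 0, 0, flags)
        raw += body
        rva += 0x1000
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs
    return image + b"\0" * (raw_off - len(image)) + raw


if __name__ == "__main__":
    import json
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe64()
    print(json.dumps(pe_triage(blob), indent=2))
```

Run it with a path to a PE to get the same fields on a real sample; without an argument it triages the constructed image. A W+X section that also contains the entry point, or a section whose entropy sits near 8 bits per byte, is the usual sign that the file is a loader and that the real payload will only appear in memory after the stub runs.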

