Chapter 7 of 10 · Reverse Engineering 70%

🪟 Duqu used a TrueType font zero-day to inject into Windows processes. Could you trace its path?

In 2011, Duqu exploited CVE-2011-3402 in Windows kernel font parsing to inject into processes undetected. You'll master PE analysis, DLL injection, process hollowing, and persistence mechanisms used by real APTs. 🔬

Premium Chapter

Create a free account to access this chapter and start learning with hands-on labs.

Create Free Account

Ready to track your progress?

Create a free account to save your progress, earn XP, and access 170+ hands-on cybersecurity labs.

Start Learning Free

Course Progress

Track your learning journey

0 /10

0 % Complete

10 Remaining

Course Chapters

No chapters found for this filter

Reverse Engineering

🪟 Duqu used a TrueType font zero-day to inject into Windows processes. Could you trace its path?

Premium Chapter

Ready to track your progress?

Course Progress

Course Chapters

RE fundamentals

Ghidra

Malware basics

Static analysis

Dynamic analysis

Unpacking

Windows malware

Ransomware analysis

Threat intelligence

Malware defense