NokiMo
GuidedHacking

PolyGlot Malware Analysis

Let's see an example of a polyglot file. There's a tweet with an image connected to it. If you save the image and open it up, you'll see it's just a normal image with text instructing you to save the image and change the extension to .zip. If you do that and unzip the file, you'll find a folder with Python source code and a few more files that look like they've come from a GitHub repository.

A polyglot file is a computer program, script or file that is valid in more than one programming language or file format at the same time. The name was coined by analogy to multilingualism. A polyglot file is built by combining the syntax of two different formats in a single file, which can then be compiled and shared around.

In the example shown, the polyglot file is valid as both a ZIP and a PNG. Opened as a PNG, it displays the correct image. With the extension changed to .zip, it acts as a ZIP and you can extract it.
