Malware
CloudDuke
aka MiniDionis · CloudLook
F-Secure describes CloudDuke as a malware toolset known to consist of at least a downloader, a loader and two backdoor variants.
CloudDuke, also known as MiniDionis and CloudLook, is a Windows malware family operated by APT29.
Background
F-Secure characterizes CloudDuke as a malware toolset comprising at minimum a downloader, a loader, and two distinct backdoor variants. The downloader retrieves and runs further malware from a preset location, which can be either a web URL or a Microsoft OneDrive account. Both backdoor variants offer basic backdoor features comparable to SeaDuke; one reaches a preconfigured C&C server over HTTP or HTTPS, while the other relies on a Microsoft OneDrive account to pass commands and exfiltrated data to its operators.
Source: Malpedia (Fraunhofer FKIE).