What happens when a rarely seen piece of malware, attributed to one of the world’s most elite APT groups, reemerges in the midst of the “cyber battlefield” of the Ukraine - Russia conflict? We will explore the evolution of the advanced Kazuar backdoor by the elite Turla APT group. We will dive into Kazuar’s technical analysis and Secops, going into detailed analysis of its previously undocumented functionality, encryption implementations, packing and code obfuscation. We will provide the audience with practical ways to hunt for the elusive Kazuar backdoor.