APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.