Loader
BaoLoader
According to Expel, the developers behind the recent AppSuite-PDF and PDF Editor campaigns have used at least 26 code-signing certificates over the last seven years to make their software appear legit
According to Expel, the developers behind the recent AppSuite-PDF and PDF Editor campaigns have used at least 26 code-signing certificates over the last seven years to make their software appear legitimate. Due to different use of and certificate clustering, the malware is believed different from both Chromeloader and TamperedChef.
Family metadata imported from Malpedia (Fraunhofer FKIE).