Malware
LambLoad
aka OfficeCertTea
According to Microsoft, this is a downloader used in a supply chain attack involving a malicious variant of an application developed by CyberLink.
LambLoad, also known as OfficeCertTea, is a Windows malware family operated by Lazarus Group.
Background
Microsoft describes this as a downloader leveraged in a supply chain attack that abused a trojanized version of a CyberLink application. At its core is a genuine CyberLink installer altered to carry malicious code that retrieves, decrypts, and loads a second-stage payload. Signed with a valid certificate issued to CyberLink Corp. and served from CyberLink's own legitimate update infrastructure, the file also contains checks that narrow the execution window and help it slip past security products.
Source: Malpedia (Fraunhofer FKIE).