Hello readers! Just a short note on a publisher called Artem Leonidov. This is how Artem Leonidov appears when running the file:
The certificate is issued by Certum Code Signing CA. And the publisher is located in Russia:
When I uploaded the file to VirusTotal – as I usually do when I find something that looks suspicious – 18% of the scanners detected the file. The file is detected as a variant of Win32/Adware.MultiPlug.LG by ESET-NOD32, PUP.Optional.Bundle by Malwarebytes, Trojan.Win32.Qudamah.Gen.6 by Tencent and suspected of Heur.Malware-Cryptor.Multiplug by VBA32.
Did you also find a Artem Leonidov file? Do you remember where you downloaded it?
Thank you for reading.