Analysis of an infection file impersonating the Rufus application

One of our clients reported an infection to us after downloading a Rufus file. The file did not have a certificate, and its MD5 checksum is 7BF6F285D07B46D4542CDC7D0186FF71. The file size of over 300 MB aroused the client's suspicion, but only after the file had been launched.
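The three indicators above (no certificate, the MD5 checksum, the size over 300 MB) can all be checked before a downloaded file is launched. The following Python script is an added example, not part of the original analysis; the function names and the size threshold are assumptions, and the certificate check only looks for an embedded certificate table in the PE header without validating the signature.

```python
import hashlib
import os
import struct

# MD5 of the fake Rufus file, as given in the article.
KNOWN_BAD_MD5 = "7bf6f285d07b46d4542cdc7d0186ff71"
# Assumption: threshold taken from the article's "over 300 MB" observation.
SIZE_LIMIT = 300 * 1024 * 1024


def has_certificate_table(path):
    """True if the PE header points at a certificate table (presence only)."""
    with open(path, "rb") as f:
        head = f.read(4096)
    if len(head) < 0x40 or head[:2] != b"MZ":
        raise ValueError("not a PE file")
    pe = struct.unpack_from("<I", head, 0x3C)[0]   # e_lfanew
    if head[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    opt = pe + 24                                  # after signature + COFF header
    magic = struct.unpack_from("<H", head, opt)[0]
    base = {0x10B: 96, 0x20B: 112}.get(magic)      # PE32 / PE32+ directory offset
    if base is None:
        raise ValueError("unknown optional header magic")
    dirs = opt + base
    count = struct.unpack_from("<I", head, dirs - 4)[0]  # NumberOfRvaAndSizes
    if count <= 4:
        return False
    offset, size = struct.unpack_from("<II", head, dirs + 4 * 8)  # entry 4
    return offset != 0 and size != 0


def triage(path, size_limit=SIZE_LIMIT):
    """Return (md5_hex, findings) for a downloaded executable without running it."""
    md5 = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            md5.update(chunk)
    digest = md5.hexdigest()
    findings = []
    if digest == KNOWN_BAD_MD5:
        findings.append("md5 matches the fake Rufus sample")
    if not has_certificate_table(path):
        findings.append("no embedded certificate")
    if os.path.getsize(path) > size_limit:
        findings.append("unexpectedly large file")
    return digest, findings
```

An empty findings list does not mean the file is clean; a present certificate still has to be validated with the operating system's signature tools.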

The file had a Rufus application icon. The customer reported that he had downloaded it from a website confusingly similar to the software vendor's website, but when it was launched, the corresponding Rufus windows did not appear. The infection is detected by some antivirus programs or as a result of network analysis. Removing the infection was possible thanks to the antivirus program, which detected it, but it is not certain whether all the modules of the 300 MB infection were removed. Maybe the infection has to do with mass Anonymous attacks.

Anonymous attack on Russian TV - video material

#Anonymous was marked by many Russian government sites linked to the Kremlin. According to anonymous information, one of the telecommunications, energy and gas suppliers had an interruption in the supply of gas to its customers. Illegally distributed software was used to take control of computers in Russia.

Anonymous threatens Putin with revealing his secrets.