Tag Archives: Badur

Rubin Sister – 16% Detection Rate – MultiPlug / Qudamah / Badur

Hello! I was playing around and testing some downloads when I found a file digitally signed by Rubin Sister.

Rubin Sister publisher

If you have a Rubin Sister file on your computer you may have noticed that Rubin Sister pops up as the publisher in the User Account Control dialog when running the file. The certificate is issued by Certum Code Signing CA.

Rubin Sister certificate

A variant of Win32/Adware.MultiPlug.JZ, Riskware/Badur, Trojan.Win32.Qudamah.Gen.7 and suspected of Heur.Malware-Cryptor.Multiplug are some detection names according to VirusTotal:

Rubin Sister anti-virus report

Did you also find an Rubin Sister? Do you remember the download link? Please post it in the comments below and I’ll upload it to VirusTotal to see if that one is also detected.

Thanks for reading.