Several days ago, our products detected an unusual sample from the Destover family. The Destover family of trojans has been used in the high profile attacks known as DarkSeoul, in March 2013, and more recently, in the attack against Sony pictures in November 2014. We wrote about it on December 4th, including the possible links with the Shamoon attack from 2012.
more here..........https://securelist.com/blog/security-policies/68073/destover-malware-now-digitally-signed-by-sony-certificates/
more here..........https://securelist.com/blog/security-policies/68073/destover-malware-now-digitally-signed-by-sony-certificates/