The Turla APT has revamped its arsenal in 2019, creating new weapons and tools for targeting government entities. It s now using booby-trapped anti-internet censorship software as an initial infection vector, suggesting Turla is going after dissident or other civil-society targets. The Topinambour dropper contains what Kaspersky calls a tiny.NET shell that will wait for Windows shell commands from the command-and-control server (C2) and silently execute them.
Source: https://threatpost.com/turla-apt-malware-anti-censorship/146472/