One way to evade malware protection is to use fraudulent digital certificates to sign your malware.
According to Malwarebytes, malware is using a fraudulent digital certificate issued by Comodo for “Buster Paper Comercial Ltda”, a bogus Brazilian company. Because the cert is valid with a known certificate authority, the browser will accept it, and thus allow the malware to run. And, potentially, evade anti-malware protection.
After posting this blog, the malware links to sites located on Egnyte have been taken down, and the certificate revoked by DigiCert.