HIGHLY_SUSPICIOUS (1) campaign cataloged at 2026-07-10(2).
- Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
- This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.
2026-07-reyxbo-wechat¶
Packages using or depending on suspicious embedded DLL, which appear to be obfuscated. However, there is a high chance it's a proprietary way to hook the official WeChat client.
Abuse categories¶
References¶
Referenced resources may include blog posts about the campaign, malware analysis, sandbox reports, or other relevant information.