Skip to content

HIGHLY_SUSPICIOUS (1) campaign cataloged at 2026-07-10(2).

  1. Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
  2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2026-07-reyxbo-wechat

Packages using or depending on suspicious embedded DLL, which appear to be obfuscated. However, there is a high chance it's a proprietary way to hook the official WeChat client.

Abuse categories

References

Referenced resources may include blog posts about the campaign, malware analysis, sandbox reports, or other relevant information.

Packages in the campaign

campaign:2026-07-reyxbo-wechat