{
	"id": "bd5119bb-1b4d-4c3c-b922-11688b2dc6b6",
	"created_at": "2026-04-06T01:29:10.960795Z",
	"updated_at": "2026-04-10T03:20:31.807069Z",
	"deleted_at": null,
	"sha1_hash": "39fc8b67b3a0694036dc2bd3f40888bf00b618e7",
	"title": "https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus/IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 38163,
	"plain_text": "https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus/IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt\r\nArchived: 2026-04-06 00:33:59 UTC\r\nFile name SHA-1 Detection name\r\navg.msi 274685C591E96CB1F9CAE91EC8E7073F3A4CB113 Trojan.Win32.BABUK.YACGY\r\navg.exe D4FFD891B9FC1AE212489ABBA43D76E2D58E6782 Trojan.Win32.BABUK.A\r\nsvchost.exe F47D9EC9C2515761E2BC40287B299420A86AF6AB Ransom.Win32.BABUK.YACGY\r\nmhyprot2.sys 0466E90BF0E83B776CA8716E01D35A8A2E5F96D3 N/A\r\nlogon.bat 1ED1174E6E5545AAA081A480156485156B9D3A13 Trojan.BAT.BABUK.YACGY\r\nHelpPane.exe 2CF9376B057E187B9F465BDAF1C50FDBA9BA66E6 Trojan.Win32.KILLAV.WLEBB\r\nkill_svc.exe ccb219be156551464a2b91dfc5cddaf0c3e8321f Trojan.Win32.KILLAV.WLEBB\r\nb.bat 7617511adda7cb03f317f0df61624b5ecbffcd87 Trojan.BAT.KILLAV.WLEBB\r\nSource: https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus/IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt\r\nhttps://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus/IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus/IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt"
	],
	"report_names": [
		"IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt"
	],
	"threat_actors": [],
	"ts_created_at": 1775438950,
	"ts_updated_at": 1775791231,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/39fc8b67b3a0694036dc2bd3f40888bf00b618e7.pdf",
		"text": "https://archive.orkl.eu/39fc8b67b3a0694036dc2bd3f40888bf00b618e7.txt",
		"img": "https://archive.orkl.eu/39fc8b67b3a0694036dc2bd3f40888bf00b618e7.jpg"
	}
}