**trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-**
driver-to-kill-antivirus/IOCs-blog-Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus.txt

File name SHA-1 Detection name

avg.msi 274685C591E96CB1F9CAE91EC8E7073F3A4CB113
Trojan.Win32.BABUK.YACGY

avg.exe D4FFD891B9FC1AE212489ABBA43D76E2D58E6782 Trojan.Win32.BABUK.A

svchost.exe F47D9EC9C2515761E2BC40287B299420A86AF6AB
Ransom.Win32.BABUK.YACGY

mhyprot2.sys 0466E90BF0E83B776CA8716E01D35A8A2E5F96D3 N/A

logon.bat 1ED1174E6E5545AAA081A480156485156B9D3A13 Trojan.BAT.BABUK.YACGY

HelpPane.exe 2CF9376B057E187B9F465BDAF1C50FDBA9BA66E6
Trojan.Win32.KILLAV.WLEBB

kill_svc.exe ccb219be156551464a2b91dfc5cddaf0c3e8321f Trojan.Win32.KILLAV.WLEBB

b.bat 7617511adda7cb03f317f0df61624b5ecbffcd87 Trojan.BAT.KILLAV.WLEBB


-----