The file identified as (often associated with strings like "李映йњÐ") is linked to a highly dangerous Remote Access Trojan (RAT) known as Moonrise, which was widely documented by security researchers in early 2026.

Executive Summary
Moonrise is a sophisticated, Go-based (Golang) malware designed for of infected Windows systems. It is frequently distributed via ZIP archives masquerading as legitimate software, cracks, or driver updates.

Key Technical Findings
: Once executed, it can modify the Windows Registry to ensure it restarts automatically with the computer, often masquerading as a system process like svchost.exe.
: The malware enables attackers to execute remote commands, capture screens, monitor microphones/webcams, log keystrokes, and harvest credentials from browsers and clipboards.
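
A triage check for the registry persistence described above, added here as an example and not taken from any published analysis of Moonrise: it flags autorun entries whose executable is named svchost.exe. It assumes the persistence uses the standard Run keys (the page does not say which key is modified); the sample entries, the `ENV` paths and the function names are constructed for illustration.

```python
import ntpath
import re

# Assumed values for expanding variables offline; adjust per host.
ENV = {"systemroot": r"C:\Windows", "windir": r"C:\Windows",
       "appdata": r"C:\Users\alice\AppData\Roaming"}
TRUSTED_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
SYSTEM_NAMES = {"svchost.exe"}  # the process name the page says is imitated

# Constructed sample autorun entries: (key, value name, command line).
RUN = r"\Software\Microsoft\Windows\CurrentVersion\Run"
SAMPLE = [
    ("HKCU" + RUN, "OneDrive", r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
    ("HKCU" + RUN, "Host Service", r"%APPDATA%\svchost.exe -k netsvcs"),
    ("HKLM" + RUN, "WinHost", r'"C:\ProgramData\Drivers\SVCHOST.EXE"'),
    ("HKLM" + RUN, "Helper", r"%SystemRoot%\System32\svchost.exe -k helper"),
]


def exe_path(command):
    """Extract the executable path from an autorun command line."""
    command = re.sub(r"%([^%]+)%",
                     lambda m: ENV.get(m.group(1).lower(), m.group(0)),
                     command.strip())
    if command.startswith('"'):
        end = command.find('"', 1)
        path = command[1:end] if end != -1 else command[1:]
    else:
        # Unquoted: cut after the first ".exe" so paths with spaces survive.
        m = re.match(r"(.+?\.exe)(\s|$)", command, re.IGNORECASE)
        path = m.group(1) if m else command.split(" ")[0]
    return ntpath.normpath(path)


def triage(entries):
    """Return (key, value name, path, reason) for suspicious autoruns."""
    findings = []
    for key, name, command in entries:
        path = exe_path(command)
        if ntpath.basename(path).lower() not in SYSTEM_NAMES:
            continue
        if ntpath.dirname(path).lower() in TRUSTED_DIRS:
            # The real svchost.exe is started by services.exe, not a Run key.
            reason = "system binary launched from an autorun entry"
        else:
            reason = "system process name outside System32"
        findings.append((key, name, path, reason))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(" | ".join(finding))
```

On a live host, feed `triage` the value names and data exported from the Run keys instead of `SAMPLE`.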