SQ30106
Detected presence of malicious files by a YARA signature.
priority | CI/CD status | severity | effort | SAFE level | SAFE assessment |
---|---|---|---|---|---|
 | fail | high | high | 1 | malware: fail. Reason: malicious components found |
About the issue
Proprietary ReversingLabs malware detection algorithms have determined that the software package contains one or more malicious files. The detection was made by a static YARA signature. This malware detection method is considered highly accurate, and can typically identify the malware family by name.
How to resolve the issue
- If the software intent does not relate to malicious behavior, investigate the build and release environment for software supply chain compromise.
- Avoid using this software package.
Incidence statistics
ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes. Analysis results are used to calculate incidence statistics for issues (policy violations) that Spectra Assure can detect in software packages.
This section is updated when new data becomes available.
Total number of packages analyzed
- RubyGems: 183K
- NuGet: 644K
- PyPI: 628K
- npm: 3.72M
Statistics are not collected for the SQ30106 policy at this time, or are not applicable to this type of issue.
Recommended reading
- YARA rule (ReversingLabs Glossary)
- Level up your YARA game (ReversingLabs blog)
- Create custom policies with YARA