SQ30109
Detected presence of malicious files through analyst-vetted file reputation.
priority | CI/CD status | severity | effort | RL level | RL assessment |
---|---|---|---|---|---|
fail | high | high | 1 | malware: fail Reason: malicious components found |
About the issueโ
Threat researchers have manually inspected the software package and determined that it contains one or more malicious files. The detection was made by a hash-based file reputation lookup. This malware detection method is considered highly accurate, and can typically identify the malware family by name.
How to resolve the issueโ
- If the software intent does not relate to malicious behavior, investigate the build and release environment for software supply chain compromise.
- Avoid using this software package.
Incidence statisticsโ
Not relevant for this type of issue.
Recommended readingโ
- Malware analysis (ReversingLabs glossary)