Embedded executable, extension mismatch, and suspicious YARA rule match indicate potential malicious activity. High risk.
The package contains an embedded executable (package/bin/esbuild) which is unusual for a typical npm package. The file extension mismatch and the YARA rule match 'high_entropy_trailer' further raise suspicion, suggesting potential malicious activity or code injection. The combination of these factors indicates a high risk.
| File | Title | Confidence |
|---|---|---|
| package/bin/esbuild | Embedded Executable | Medium |
| package/bin/esbuild | Extension Mismatch | Low |
| package/bin/esbuild | YARA rule 'high_entropy_trailer' matched file | Low |