Package not classified as malware. Insecure random number generation and YARA matches are concerning but not conclusive.
The package is not malware. While there are some concerning YARA rule matches, such as python_exec_complex and js_many_parseInt, these are low confidence. The python_exec_complex rule matching a JavaScript file is often a false positive. The use of Math.random() for UUID generation is insecure, but it's a fallback mechanism and doesn't definitively indicate malicious intent. There is no strong evidence to classify this package as malware.

| File | Title | Confidence |
|---|---|---|
| package/build/x509.cjs.js | YARA rule 'python_exec_complex' matched file | Low |
| package/build/x509.es.js | YARA rule 'python_exec_complex' matched file | Low |
| package/build/x509.js | YARA rule 'js_many_parseInt' matched file | Low |
| package/build/x509.js | Insecure Random Number Generation | Medium |