CW.Assistant.Extensions.Assistant.26.8.0-alpha.14.nupkg

NUPKG

BENIGN

Mal-ecule

Size 35.0 KB download

First seen 10 days ago

Analyzed 10 days ago

Ecosystem dotnet

Source nuget.org

Objectives

anti-static/obfuscation/control-flow Regex component marker

anti-static/obfuscation/payload PE version resource text

anti-static/pack Reloc section mostly non-relocation bytes

command-and-control/dropper/delivery Compact PE import table

command-and-control/infrastructure Binary has 4 or fewer sections

evasion/process/injection Regex component marker

supply-chain/metadata-anomaly/manifest NuGet nuspec manifest file

communications/ip Hardcoded external IPv4 address

communications/http/client Regex component marker

communications/proxy SOCKS5 client greeting bytes

data/text/keywords Codebase deletion target

binary PE binary has trailing overlay data

signed Signed by AEC Advanced Engineering Computation Aktiebolag

binary/section PE .reloc section presence

file DLL filename extension present

hardening DEP / NX enabled (NX_COMPAT)

package PE version resource metadata

binary/anomaly PE version info numeric fields present

binary/metrics Binary has high overall entropy (packed/encrypted)

build Cargo archive contains Windows native binary

20 of 25 traits shown

SHA-256	0c5e932e68d7a9316fc2d96e3dca87afdbe0a2e7c8cd888d9f242c51de1037c7
Canonical SHA-256	031c9dac8c951bcb4dc0e05a8d1b5fa1d0a98ca6601012f044250eab4349dfb3
Filename	CW.Assistant.Extensions.Assistant.26.8.0-alpha.14.nupkg
Package	CW.Assistant.Extensions.Assistant
Version	26.8.0-alpha.14

Not seeing what you expected? Let us know