GHIElectronics.TinyCLR.Drivers.BasicNet.3.0.0.2000-prerelease.nupkg

NUPKG

BENIGN

Mal-ecule

Size 34.7 KB download

First seen 9 days ago

Analyzed 9 days ago

Ecosystem dotnet

Source nuget.org

Objectives

anti-static/obfuscation/binary-metrics Binary has normal code entropy (>5.5)

anti-static/obfuscation/payload PE version resource text

anti-static/pack PE has under ten imports

command-and-control/backdoor/loader Staged loader six file archive

command-and-control/infrastructure Binary has 4 or fewer sections

evasion/indicator-removal Regex component marker

evasion/process/injection Regex component marker

supply-chain/metadata-anomaly/manifest NuGet nuspec manifest file

communications/ip Hardcoded external IPv4 address

communications/http/server Modification of HTTP context items

crypto/asymmetric Regex component marker

os/sysinfo References GetAddressBytes method

binary PE binary has trailing overlay data

signed Signed by GHI Electronics LLC

binary/section PE .reloc section presence

file Windows DLL extension

hardening NO_SEH (SafeSEH not used)

lang/compiler mscorlib reference

package PE version resource metadata

binary/anomaly PE version info numeric fields present

20 of 33 traits shown

SHA-256	9f3cdd943ce6e0aed3866c617589ccee0b8bc55e11b44b4cafc08eb98904a322
Canonical SHA-256	39e361a5d389714f365721455223f72dfb7f67e80c82af80c7033636862d1ee0
Filename	GHIElectronics.TinyCLR.Drivers.BasicNet.3.0.0.2000-prerelease.nupkg
Package	GHIElectronics.TinyCLR.Drivers.BasicNet
Version	3.0.0.2000-prerelease

Not seeing what you expected? Let us know