SafeDep
Install GitHub App
SafeDep
Install GitHub App

Summary

Package golang.org/x/crypto is not malware. YARA matches are in test files and are likely false positives or legitimate test cases.

Verification Record

No verification record available.

Details

The package golang.org/x/crypto is not a malware. The YARA rule very_high_entropy matched a .deflate file, which is likely compressed data and can legitimately have high entropy. The YARA rule hardcoded_host_port_over_10k matched a test file (knownhosts_test.go), which is likely a legitimate use case for testing purposes. The YARA rule fake_openssh_0 matched multiple test data files and a test file (tcpip_test.go). This rule detects the presence of the OpenSSH user agent, which is likely used in test cases to simulate SSH connections. All the matches are in test files, which reduces the likelihood of malicious intent.

golang.org/x/crypto@v0.46.0Clean
Unverified
Analysed at: 12/28/25, 11:00 AM
Source: https://proxy.golang.org/golang.org%2fx%2fcrypto/@v/v0.46.0.zip
SHA256: 5f2921ccdf7252ffbe26046948c6044ab0917e500a34710e0ba6664260d6a460
Confidence: Medium