Summary

Package is not malware. YARA matches are in test files and are likely related to testing SSH functionality. No strong evidence of malware.

Verification Record

No verification record available.

Details

The package is not a malware because the evidences are not strong enough to classify it as malware. The 'very_high_entropy' rule match on a .deflate file is not a strong indicator of maliciousness. The 'hardcoded_host_port_over_10k' rule match in a test file is also not a strong indicator. The 'fake_openssh_0' rule matches in test files are likely related to testing SSH functionality and are therefore not malicious.

Summary

Package is not malware. YARA matches are in test files and are likely related to testing SSH functionality. No strong evidence of malware.

Verification Record

No verification record available.

Details

golang.org/x/crypto@0.44.0Clean

Unverified

Analysed at: 2/3/26, 6:41 AM

Source: https://proxy.golang.org/golang.org%2fx%2fcrypto/@v/v0.44.0.zip

SHA256: 31a0dbb663b78708159bc1cbdb09a6a8370cbf507d742f96dc78b4ad023498ec

Confidence: Medium