1 comment

[ 3.9 ms ] story [ 13.9 ms ] thread
> This detection was assigned to an embedded Windows executable file...

I think this should be enough to declare it "malware", no? Why would one put a Windows (or any other) executable into repository for Javascript packages except to be malicious?