Summary
The YARA rule python_exec_complex matched a JavaScript file in an NPM package, which is a known false positive. Package is not malware.
Details
The YARA rule python_exec_complex matched file package/dist/parser.js. However, the package is an NPM package, and the matched file is a JavaScript file. The rule python_exec_complex matching a non-python source file is a known false positive. Therefore, I cannot classify this package as malware.
Evidences
| File | Title | Confidence | |
|---|---|---|---|
package/dist/parser.js | YARA rule 'python_exec_complex' matched file | Low |
Analysis performed at Analysis by