setup[.]js - Malicious post-install script that initiates the payload download.
Hash of setup.js, the Node.js first-stage dropper.
SILKBELL setup.js dropper script
setup.js RAT dropper executed via plain-crypto-js postinstall payload