While installing/testing neovim in a Windows 11 sandbox environment for security testing purposes before deploying in a commercial environment, the bundled tee.exe binary was classified as Trojan.Malware.300983.susgen. After doing my due diligence to rule out a false positive, I'm finding that this binary is exhibiting what I would consider suspicious behavior. Specifically, it is performing DNS lookups to fp2E7A.wpc.2BE4.phicdn.net and fp2e7a.wpc.phicdn.net, and making network connections to th...