Hi, maybe somebody can help me to identify what's going on. I have one workstation with a official MS store app "Your Phone". Sophos detect a RISK 7 level on this command: "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
MITRE attack: Defense Evasion Asynchronous Procedure Call
Is this a false positive alert or how should I handle this?
Hi,
Thank you for reaching us, to further validate this alert, can you help us send this sample through our sample submission portal in order for our lab's team to analyze this exe file that has been flagged.
Hi Patrik,
I have checked the case ID which has been created upon submitting through our sample submission portal and I can see that the attached file has been stripped off. You might need to resubmit the sample file Zip the file before attaching it as a sample. Once re-submitted our lab's team will analyze the sample and get back to you.
Based on the available information that we got from this forum this has been flagged by our product as there might be a malicious code being injected into this application.
