This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Detections: MS Store App with Defense Evasion Asynchronous Procedure Call

Hi, maybe somebody can help me to identify what's going on. I have one workstation with a official MS store app "Your Phone". Sophos detect a RISK 7 level on this command: "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca

MITRE attack: Defense Evasion Asynchronous Procedure Call

Is this a false positive alert or how should I handle this?

This thread was automatically locked due to age.

Top Replies

GlennSen over 2 years ago +1 suggested

Hi, Thank you for reaching us, to further validate this alert, can you help us send this sample through our sample submission portal in order for our lab's team to analyze this exe file that has been flagged…

Parents

0 GlennSen over 2 years ago

Hi,

Thank you for reaching us, to further validate this alert, can you help us send this sample through our sample submission portal in order for our lab's team to analyze this exe file that has been flagged.

Glenn ArchieSeñas (GlennSen)

Global Community Support Engineer

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up +1 Vote Down

Cancel

Reply

0 GlennSen over 2 years ago

Hi,

Thank you for reaching us, to further validate this alert, can you help us send this sample through our sample submission portal in order for our lab's team to analyze this exe file that has been flagged.

Glenn ArchieSeñas (GlennSen)

Global Community Support Engineer

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up +1 Vote Down

Cancel

Children

No Data