What is the "cache1.bin" on Windows 11 ?

Phanuphong Thipsuk 10 Reputation points
2023-07-25T08:55:38.42+00:00

On Windows 11, My Endpoint security (Cortex XDR) show alert like this

"Lsass.exe does not normally create executables to disk. This activity was seen as part of several exploits, like EternalBlue and DoublePulsar, used during the WannaCry attacks"

I've found that the process try to write file on harddisk as ,

Username: NT AUTHORITY\SYSTEM

Path: Type : File Write Path : C:\Users<my username>\AppData\Local\Microsoft\Windows\SFAP\cache1.bin

Please help me check the file "cache1.bin" whether malicious or not.

Thank you,

maxx

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,608 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.