What is the "cache1.bin" on Windows 11 ?
On Windows 11, My Endpoint security (Cortex XDR) show alert like this
"Lsass.exe does not normally create executables to disk. This activity was seen as part of several exploits, like EternalBlue and DoublePulsar, used during the WannaCry attacks"
I've found that the process try to write file on harddisk as ,
Username: NT AUTHORITY\SYSTEM
Path: Type : File Write Path : C:\Users<my username>\AppData\Local\Microsoft\Windows\SFAP\cache1.bin
Please help me check the file "cache1.bin" whether malicious or not.
Thank you,
maxx
1 answer
Sort by: Most helpful
-
Deleted
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more