EDR is flagging rununpackaged.exe which appears to be in WindowsApps folder

  • Thread starter Thread starter GingerC586
  • Start date Start date
G

GingerC586

We received the following alert from our EDR:A file (rununpackaged.exe) with a reputation of known malware was found on disk.File Path: C:\program files\windowsapps\microsoft.sysinternalssuite_2022.8.0.0_x64__8wekyb3d8bbwe\rununpackaged.exeFile Hash: f30e22746b59585183e0026b33138eca10452f13f9c8071a36e9c21688372e6dThe file was created by the application C:\Windows\system32\svchost.exe -k wsappx -p -s AppXSvc.VirusTotal - 7/70This file doesn't appear to be signed and was flagged by on heuristics (behavior). The WindowsApps folder is read-only and there's no way even for us to modify its content.

Continue reading...
 
You must log in or register to reply here.

Similar threads

L
Windows 10 C:\Program Files\WindowsApps folder seems to have a lot of corrupt files, and other issues. Can anyone help fix this?
Replies
0
Views
31
Litheo
L
B
Windows 10 Folder in WindowsApps is taking up all my space and I can't delete it.
Replies
0
Views
25
BarkBot
B
D
Windows 10 Microsoft Store malicious app - Dropping malware into C:\program files\windowsapps
Replies
0
Views
38
Diviney
D
O
Windows 10 I can't get permissions for the WindowsApps.
Replies
0
Views
39
Oleg Pt
O
E
Windows 10 No access to WindowsApps folder, TrustedInstaller has Full Control, Fishy SkypeApp
Replies
0
Views
46
Eldarado123
E
Back
Top