Product
The execution of Windows Sandbox processes with sensitive configurations (write access to the host file system, network connection, automatic execution via logon command) is identified, as malware may abuse this sandbox feature to evade detection.