INDICATOR-COMPROMISE Microsoft MsMpEng shrink compressed zip code execution attempt
This event is generated when a shrink compressed ZIP file that may exploit a code execution vulnerability in Microsoft Malware Protection Engine is detected.
Attempted Administrator Privilege Gain
Ease of attack
- Cisco's Talos Intelligence Group