Mar 24 2020 07:15 AM
I observed traffic towards https://cache.datamart.windows.com from a Windows 10 Machine.
The used user agent captured was “Microsoft!WiFiTask_File_Downloader” and have no information on the official website of the Microsoft.
On further analysis i found wifitask.exe generating this traffic which is a background service.
Also after analyzing wifitask.exe in "https://www.hybrid-analysis.com" i found the “Microsoft!WiFiTask_File_Downloader” in the strings.
Can any one please help me understand,
1. Why wifitask.exe is generating traffic towards https://cache.datamart.windows.com?
2. Why “Microsoft!WiFiTask_File_Downloader” is captured as User Agent in logs?