21Eyl
What happens when Windows Defender wants to submit a file for analysis?
Occasionally when I write certain programs (especially ones that deal directly with memory) I get that notification that Windows wants to submit the file for analysis. Defender still lets the program run, but wants to send it back to Microsoft for analysis (I have auto submission turned off).
What actually happens if it gets sent back? As in specifically what do Microsoft do? I highly doubt there is someone there that manually puts every submission through something like Ghidra or xdbg for manual analysis. Do they just run it through MDE or what?
