MSConfig is a troubleshooting tool which is used to temporarily disable or re-enable software, device drivers or Windows services that run during startup process to help the user determine the cause of a problem with Windows

Paths:

C:\Windows\System32\msconfig.exe

Detection: mscfgtlc.xml changes in system32 folder msconfig.exe executing

Execute

Executes command embeded in crafted c:\windows\system32\mscfgtlc.xml.

Msconfig.exe -5