MsSense.exe

  • File Path: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
  • Description: Windows Defender Advanced Threat Protection Service Executable

Hashes

Type Hash
MD5 6FEE3946D9194217B2F7B4D7E867CD0A
SHA1 31A35DF173BDD78F3E2E568272496504822C8B1F
SHA256 AF7115B5715618716E88FB62CC0548B2F5EAF751D0BA8320B99B285D956A4E87
SHA384 71A2A21EBEA62396305EE6686680A0B9E50BC153FED441C6C9047C1303BD3FFCFA78C73F3B7D211415A9B089D020A470
SHA512 238456AEC29057919A5C50F0DEA25B55CDC7243D492375EADF954F715679D9EB961CF23B03B687A14A5BDCB1EECDA1A781CD01B379B7B471098318352C96B533
SSDEEP 49152:HLLT2rKXH4W/myT9iQhnJcBsg9kcVyXykeXyy2/Don5YWzhUH7VW0zSMV2h0cElA:fyoqvKrIoRD+YfRX+x
IMP 8D60D67BAFAB47F6D5D23D2B10A665F8
PESHA1 26E85A87580DFC10F51C16E16A321C52F9354C69
PE256 5641580983D7A7A4FA3F9BB7809F996900476CDE1292EBE901863B630960738E

Runtime Data

Loaded Modules:

Path
C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
C:\Windows\System32\advapi32.dll
C:\Windows\System32\bcrypt.dll
C:\Windows\System32\bcryptPrimitives.dll
C:\Windows\System32\combase.dll
C:\Windows\System32\CRYPT32.dll
C:\Windows\System32\cryptsp.dll
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\MSASN1.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\OLEAUT32.dll
C:\Windows\System32\powrprof.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\shcore.dll
C:\Windows\SYSTEM32\TelLib.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\System32\win32u.dll
C:\Windows\System32\WINTRUST.dll
C:\Windows\SYSTEM32\Wldp.dll
C:\Windows\System32\WS2_32.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: MsSense.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.7410.17763.1369 (WinBuild.160101.0800)
  • Product Version: 10.7410.17763.1369
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/70
  • VirusTotal Link: https://www.virustotal.com/gui/file/af7115b5715618716e88fb62cc0548b2f5eaf751d0ba8320b99b285d956a4e87/detection/

Possible Misuse

The following table contains possible examples of MsSense.exe being misused. While MsSense.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
stockpile 1258b063-27d6-489b-a677-4807faacf868.yml "mssense", Apache-2.0

MIT License. Copyright (c) 2020-2021 Strontic.