MsSense.exe

  • File Path: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
  • Description: Windows Defender Advanced Threat Protection Service Executable

Hashes

Type Hash
MD5 70C3F94D2AC245E53D93C82DD017E4E5
SHA1 32885999887E621557020805BD299085B076B987
SHA256 E2BAF6636B0FFB3A30D828F832CCB56B51AEF63F9854ACBC9CD211991E6AC3D6
SHA384 EB4DA3AF2F9D123F9BA63F0CD582FF3536B66EAE71AF1F9A240EC17C2BB08A531BD95F6D0B377E7F85156B7FBA9D594B
SHA512 FDDE44BDFF3E46C54A634B6860706AD02221B6B8BFD3382BC2E34109FAE581DB82FC270277305E7067BE7EFA8F6645D558F511CC632D32FE348A965CADE7464D
SSDEEP 98304:HjSz7+taiaE230hs/Wp17RoWhSPGB2coRCfpj:HjS/iaE230hsup1uWQWxfB
IMP AE28BCC9D66810235765C9A356EFE9D0
PESHA1 D848858CA4B135332BB285C3C1082A10D9B0232D
PE256 93AD01172DBD195A6F79AB771E429575A8EF0FE68263D9345BECCF7DD378163D

Runtime Data

Loaded Modules:

Path
C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002EC6579AD1E670890130000000002EC
  • Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: MsSense.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.8040.19041.1320 (WinBuild.160101.0800)
  • Product Version: 10.8040.19041.1320
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/e2baf6636b0ffb3a30d828f832ccb56b51aef63f9854acbc9cd211991e6ac3d6/detection

Possible Misuse

The following table contains possible examples of MsSense.exe being misused. While MsSense.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
stockpile 1258b063-27d6-489b-a677-4807faacf868.yml "mssense", Apache-2.0

MIT License. Copyright (c) 2020-2021 Strontic.