MsSense.exe

  • File Path: C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
  • Description: Windows Defender Advanced Threat Protection Service Executable

Hashes

Type Hash
MD5 D87379B55F5CDF0E4B5EB8E498729C77
SHA1 E4E9B771D2FA84C1C5BF173350F518178F55D69E
SHA256 D87414D6A8321AF3A9C0829DE6CE1F8A84C844ADA31067D4046B03F64367FCD2
SHA384 1B7376B93F99A9F93B87E7EFE0A3293955C70B7FE84EAF0D0FEC69511C0230A9ABC0E5EDFFF7902F8AB1D268B2ADAC2C
SHA512 6CBEA36746021D93EEB735C88F1C886ABFCE70C8D5FD3058DFC2B086A64F4D2B8714A2A296DF28DC9D7E4EA169E0B658512C34371CB8198ACB944DBBD721BC44
SSDEEP 49152:FZ4i/JQP6+vW2ij/F/rkDbXkIuLDOHjku2poZo2eBZoEypREmO7yFyvz/BcerQMw:pFH7F/rkD7DuHujqphy6/VTUUgJP3o+P
IMP B8E0F0D12B3E8DC8E239DAB5E92185EE
PESHA1 2DFC207B39E07D234A7492FA287ADE1CB5DFA96B
PE256 296D236544CF396B5BF958DD53891DDBD3413756277581076C31D3080FF385B2

Runtime Data

Loaded Modules:

Path
C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: MsSense.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.7430.19041.423 (WinBuild.160101.0800)
  • Product Version: 10.7430.19041.423
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/68
  • VirusTotal Link: https://www.virustotal.com/gui/file/d87414d6a8321af3a9c0829de6ce1f8a84c844ada31067d4046b03f64367fcd2/detection/

Possible Misuse

The following table contains possible examples of MsSense.exe being misused. While MsSense.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
stockpile 1258b063-27d6-489b-a677-4807faacf868.yml "mssense", Apache-2.0

MIT License. Copyright (c) 2020-2021 Strontic.