https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/suspicious-executable-detected-microsoft-store-purchase-app/m-p/1254964#M9353 <P><SPAN>Hello everyone,</SPAN></P> <P><SPAN>Has anyone seen this process appear in Cortex XDR?</SPAN></P> <P><SPAN>C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_22603.1401.4.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe</SPAN></P> <P>&nbsp;</P> <P><SPAN>It’s showing up on an endpoint, but Cortex XDR isn’t providing any additional details, alerts, or related events. Before I dismiss it, I want to confirm whether this is expected behavior or if anyone has seen suspicious activity tied to this executable.</SPAN></P> <P><SPAN>Any insight is appreciated.</SPAN></P> Thu, 28 May 2026 19:16:08 GMT Juliortega 2026-05-28T19:16:08Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/suspicious-executable-detected-microsoft-store-purchase-app/m-p/1254964#M9353 <P><SPAN>Hello everyone,</SPAN></P> <P><SPAN>Has anyone seen this process appear in Cortex XDR?</SPAN></P> <P><SPAN>C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_22603.1401.4.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe</SPAN></P> <P>&nbsp;</P> <P><SPAN>It’s showing up on an endpoint, but Cortex XDR isn’t providing any additional details, alerts, or related events. Before I dismiss it, I want to confirm whether this is expected behavior or if anyone has seen suspicious activity tied to this executable.</SPAN></P> <P><SPAN>Any insight is appreciated.</SPAN></P> Thu, 28 May 2026 19:16:08 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/suspicious-executable-detected-microsoft-store-purchase-app/m-p/1254964#M9353 Juliortega 2026-05-28T19:16:08Z