Skip to content

Microsoft Management Console Snap-in Control file (.msc)

.msc file signature | application/octet-stream

Microsoft Management Console Snap-in Control file

High

Magic Bytes

Offset 0
3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 22 31 2E 30 22 3F 3E 0D 0A 3C 4D 4D 43 5F 43 6F 6E 73 6F 6C 65 46 69 6C 65 20 43 6F 6E 73 6F 6C 65 56 65 72 73 69 6F 6E 3D 22

Sources: Gary Kessler

All Known Signatures

3 signature variants are documented for .msc files across multiple sources.

Hex Signature Offset Sources
3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 22 31 2E 30 22 3F 3E 0D 0A 3C 4D 4D 43 5F 43 6F 6E 73 6F 6C 65 46 69 6C 65 20 43 6F 6E 73 6F 6C 65 56 65 72 73 69 6F 6E 3D 22 0 Gary Kessler
CF FA ED FE 0 Gary Kessler
D0 CF 11 E0 A1 B1 1A E1 0 Gary Kessler

Extension

.msc

MIME Type

application/octet-stream

Byte Offset

0

Risk Level

High

Validation Code

How to validate .msc files in Python

Python 
def is_msc(file_path: str) -> bool:
    """Check if file is a valid MSC by magic bytes."""
    signature = bytes([0x3C, 0x3F, 0x78, 0x6D, 0x6C, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x22, 0x31, 0x2E, 0x30, 0x22, 0x3F, 0x3E, 0x0D, 0x0A, 0x3C, 0x4D, 0x4D, 0x43, 0x5F, 0x43, 0x6F, 0x6E, 0x73, 0x6F, 0x6C, 0x65, 0x46, 0x69, 0x6C, 0x65, 0x20, 0x43, 0x6F, 0x6E, 0x73, 0x6F, 0x6C, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x22])
    with open(file_path, "rb") as f:
        return f.read(56) == signature

How to validate .msc files in Node.js

Node.js 
function isMSC(buffer: Buffer): boolean {
  const signature = Buffer.from([0x3C, 0x3F, 0x78, 0x6D, 0x6C, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x22, 0x31, 0x2E, 0x30, 0x22, 0x3F, 0x3E, 0x0D, 0x0A, 0x3C, 0x4D, 0x4D, 0x43, 0x5F, 0x43, 0x6F, 0x6E, 0x73, 0x6F, 0x6C, 0x65, 0x46, 0x69, 0x6C, 0x65, 0x20, 0x43, 0x6F, 0x6E, 0x73, 0x6F, 0x6C, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x22]);
  return buffer.subarray(0, 56).equals(signature);
}

How to validate .msc files in Go

Go 
func IsMSC(data []byte) bool {
    signature := []byte{0x3C, 0x3F, 0x78, 0x6D, 0x6C, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x22, 0x31, 0x2E, 0x30, 0x22, 0x3F, 0x3E, 0x0D, 0x0A, 0x3C, 0x4D, 0x4D, 0x43, 0x5F, 0x43, 0x6F, 0x6E, 0x73, 0x6F, 0x6C, 0x65, 0x46, 0x69, 0x6C, 0x65, 0x20, 0x43, 0x6F, 0x6E, 0x73, 0x6F, 0x6C, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x22}
    if len(data) < 56 {
        return false
    }
    return bytes.Equal(data[:56], signature)
}

API Endpoint

GET /api/v1/msc
curl https://filesignature.org/api/v1/msc

See the full API documentation for all endpoints and parameters.

Frequently Asked Questions

What is a .msc file?

A .msc file is a Microsoft Management Console Snap-in Control file file. Microsoft Management Console Snap-in Control file

What are the magic bytes for .msc files?

The magic bytes for Microsoft Management Console Snap-in Control file files are 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 22 31 2E 30 22 3F 3E 0D 0A 3C 4D 4D 43 5F 43 6F 6E 73 6F 6C 65 46 69 6C 65 20 43 6F 6E 73 6F 6C 65 56 65 72 73 69 6F 6E 3D 22 at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.

How do I validate a .msc file?

To validate a .msc file, read the first bytes of the file and compare them against the known magic bytes (3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 22 31 2E 30 22 3F 3E 0D 0A 3C 4D 4D 43 5F 43 6F 6E 73 6F 6C 65 46 69 6C 65 20 43 6F 6E 73 6F 6C 65 56 65 72 73 69 6F 6E 3D 22) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .msc files?

There is no officially registered MIME type for .msc files. Systems typically use application/octet-stream as a generic fallback when handling this format.

Is it safe to open .msc files?

Microsoft Management Console Snap-in Control file (.msc) files are high risk because they can contain executable code. Never open .msc files from untrusted sources. Always scan with antivirus software, verify the source, and consider running in a sandboxed environment.