1  <#
 2  .SYNOPSIS
 3      Determine whether a given process (by PID) runs with an MSIX/UWP package identity.
 4  .DESCRIPTION
 5      Calls the Windows API GetPackageFullName to check if the target process executes under an MSIX/Sparse App/UWP package identity.
 6      Returns the package full name when identity is present, or "No package identity" otherwise.
 7  .PARAMETER ProcessId
 8      The process ID to inspect.
 9  .EXAMPLE
10      .\Check-ProcessIdentity.ps1 -pid 12345
11  #>
12  param(
13      [Parameter(Mandatory=$true)]
14      [int]$ProcessId
15  )
16  
17  Add-Type -TypeDefinition @'
18  using System;
19  using System.Text;
20  using System.Runtime.InteropServices;
21  public class P {
22      [DllImport("kernel32.dll", SetLastError=true)]
23      public static extern IntPtr OpenProcess(uint a, bool b, int p);
24      [DllImport("kernel32.dll", SetLastError=true)]
25      public static extern bool CloseHandle(IntPtr h);
26      [DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
27      public static extern int GetPackageFullName(IntPtr h, ref int l, StringBuilder b);
28      public static string G(int pid) {
29          IntPtr h = OpenProcess(0x1000, false, pid);
30          if (h == IntPtr.Zero) return "Failed to open process";
31          int len = 0;
32          GetPackageFullName(h, ref len, null);
33          if (len == 0) { CloseHandle(h); return "No package identity"; }
34          var sb = new StringBuilder(len);
35          int r = GetPackageFullName(h, ref len, sb);
36          CloseHandle(h);
37          return r == 0 ? sb.ToString() : "Error:" + r;
38      }
39  }
40  '@
41  
42  $result = [P]::G($ProcessId)
43  Write-Output $result