SystemPropertiesProtection.exe

  • File Path: C:\windows\system32\SystemPropertiesProtection.exe
  • Description: System Protection Settings

Hashes

Type Hash
MD5 16E9483CD0C84D39E83C2645E51F598B
SHA1 54C65968EA6630316936C57025B34BF9E7151D05
SHA256 2D9AAF96CCD090DAF53A0E24BC97FE74D756F806FD08F2E7D0D679E0AB5550D9
SHA384 7F9241BA7268503959CC4929788FCDFC6220141BD864DA49C1760D00793EB8FE4A6930996FA5CB5B0D4AE095F140A176
SHA512 A2CC9D1CC2674EB90BEEC33764A8DA3C01523DCE5C2BE849647E5880ABEF4C2CFDB69E2BBCE4E8A7F64DD69C13C81FCCF4DA90BDEF16D174692ECAC79720BEFA
SSDEEP 1536:zLe/YtREC/rMcgEPJV+G57ThjEC0kzJP+V5Jl:3rzECTMpuDhjRVJG3

Signature

  • Status: The file C:\windows\system32\SystemPropertiesProtection.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: SSystemPropertiesProtection.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
  • Product Version: 6.3.9600.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\WINDOWS\system32\MSchedExe.exe 91
C:\windows\system32\MSchedExe.exe 88
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\SystemPropertiesAdvanced.exe 86
C:\windows\system32\SystemPropertiesAdvanced.exe 93
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe 86
C:\Windows\system32\SystemPropertiesAdvanced.exe 82
C:\Windows\system32\SystemPropertiesAdvanced.exe 86
C:\WINDOWS\system32\SystemPropertiesComputerName.exe 86
C:\windows\system32\SystemPropertiesComputerName.exe 86
C:\Windows\system32\SystemPropertiesComputerName.exe 86
C:\Windows\system32\SystemPropertiesComputerName.exe 86
C:\Windows\system32\SystemPropertiesComputerName.exe 90
C:\windows\system32\SystemPropertiesDataExecutionPrevention.exe 85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 86
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe 85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 90
C:\Windows\system32\SystemPropertiesHardware.exe 86
C:\Windows\system32\SystemPropertiesHardware.exe 86
C:\Windows\system32\SystemPropertiesHardware.exe 86
C:\windows\system32\SystemPropertiesHardware.exe 93
C:\WINDOWS\system32\SystemPropertiesHardware.exe 90
C:\WINDOWS\system32\SystemPropertiesPerformance.exe 83
C:\Windows\system32\SystemPropertiesPerformance.exe 83
C:\Windows\system32\SystemPropertiesPerformance.exe 86
C:\windows\system32\SystemPropertiesPerformance.exe 88
C:\Windows\system32\SystemPropertiesPerformance.exe 85
C:\WINDOWS\system32\SystemPropertiesProtection.exe 86
C:\Windows\system32\SystemPropertiesProtection.exe 90
C:\Windows\system32\SystemPropertiesProtection.exe 85
C:\Windows\system32\SystemPropertiesProtection.exe 86
C:\WINDOWS\system32\SystemPropertiesRemote.exe 90
C:\windows\system32\SystemPropertiesRemote.exe 93
C:\Windows\system32\SystemPropertiesRemote.exe 86
C:\Windows\system32\SystemPropertiesRemote.exe 86
C:\Windows\system32\SystemPropertiesRemote.exe 90
C:\windows\SysWOW64\SystemPropertiesAdvanced.exe 88
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 83
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 86
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 85
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe 86
C:\windows\SysWOW64\SystemPropertiesComputerName.exe 90
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe 88
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 88
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 90
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 83
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 88
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 90
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 88
C:\windows\SysWOW64\SystemPropertiesHardware.exe 88
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 85
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe 86
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 83
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 86
C:\windows\SysWOW64\SystemPropertiesPerformance.exe 86
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe 86
C:\windows\SysWOW64\SystemPropertiesProtection.exe 91
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 86
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 88
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 83
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe 88
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 86
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 86
C:\windows\SysWOW64\SystemPropertiesRemote.exe 88
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe 85
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 86

Possible Misuse

The following table contains possible examples of SystemPropertiesProtection.exe being misused. While SystemPropertiesProtection.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base apt_apt6_malware.yar $s14 = ‚ÄúSystemPropertiesProtection.exe‚ÄĚ fullword ascii CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.