SystemPropertiesProtection.exe

  • File Path: C:\Windows\SysWOW64\SystemPropertiesProtection.exe
  • Description: System Protection Settings

Hashes

Type Hash
MD5 69EBB7F618E72B4D25E5B613836811A3
SHA1 B959B04D4D2EE366126FD943F96CF5158ED58C1C
SHA256 F64AB1A173AFC75C625AAB489274BE8425C8C882A32183EB3607035005B6B625
SHA384 714E3EDEDF7D03C590400E029E8F5E1337ABACB2AC6508E8F5D214ABC5D4B33934570FFE957A9C59DD9907F9D7EE20C2
SHA512 53F46AD9CF911258BF2827CB65CE798D031DCE11778987D15725FF94A322D8C4AD1AB5734492A158D6CD2DA918C3CBB7EB55926081DA15F7D23D57055B9A4BA1
SSDEEP 1536:tAGstREC/rMcgEPJV+G57ThjEC0kzJP+V5Jg:7szECTMpuDhjRVJG2

Signature

  • Status: Signature verified.
  • Serial: 33000000BCE120FDD27CC8EE930000000000BC
  • Thumbprint: E85459B23C232DB3CB94C7A56D47678F58E8E51E
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: SSystemPropertiesProtection.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.14393.0 (rs1_release.160715-1616)
  • Product Version: 10.0.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\WINDOWS\system32\MSchedExe.exe 90
C:\windows\system32\MSchedExe.exe 90
C:\Windows\system32\MSchedExe.exe 90
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\SystemPropertiesAdvanced.exe 90
C:\windows\system32\SystemPropertiesAdvanced.exe 86
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe 88
C:\Windows\system32\SystemPropertiesAdvanced.exe 83
C:\Windows\system32\SystemPropertiesAdvanced.exe 88
C:\WINDOWS\system32\SystemPropertiesComputerName.exe 88
C:\windows\system32\SystemPropertiesComputerName.exe 86
C:\Windows\system32\SystemPropertiesComputerName.exe 88
C:\Windows\system32\SystemPropertiesComputerName.exe 90
C:\Windows\system32\SystemPropertiesComputerName.exe 90
C:\windows\system32\SystemPropertiesDataExecutionPrevention.exe 90
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 90
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 90
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe 86
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 88
C:\Windows\system32\SystemPropertiesHardware.exe 90
C:\Windows\system32\SystemPropertiesHardware.exe 88
C:\Windows\system32\SystemPropertiesHardware.exe 90
C:\windows\system32\SystemPropertiesHardware.exe 86
C:\WINDOWS\system32\SystemPropertiesHardware.exe 88
C:\WINDOWS\system32\SystemPropertiesPerformance.exe 85
C:\Windows\system32\SystemPropertiesPerformance.exe 86
C:\Windows\system32\SystemPropertiesPerformance.exe 86
C:\windows\system32\SystemPropertiesPerformance.exe 88
C:\Windows\system32\SystemPropertiesPerformance.exe 90
C:\WINDOWS\system32\SystemPropertiesProtection.exe 88
C:\windows\system32\SystemPropertiesProtection.exe 86
C:\Windows\system32\SystemPropertiesProtection.exe 88
C:\Windows\system32\SystemPropertiesProtection.exe 90
C:\Windows\system32\SystemPropertiesProtection.exe 93
C:\WINDOWS\system32\SystemPropertiesRemote.exe 88
C:\windows\system32\SystemPropertiesRemote.exe 86
C:\Windows\system32\SystemPropertiesRemote.exe 88
C:\Windows\system32\SystemPropertiesRemote.exe 88
C:\Windows\system32\SystemPropertiesRemote.exe 90
C:\windows\SysWOW64\SystemPropertiesAdvanced.exe 86
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 83
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 85
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 91
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe 85
C:\windows\SysWOW64\SystemPropertiesComputerName.exe 90
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe 86
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 86
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 93
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 85
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 85
C:\windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 88
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 93
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\windows\SysWOW64\SystemPropertiesHardware.exe 86
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 91
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe 85
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 83
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 85
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 88
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 88
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 90
C:\windows\SysWOW64\SystemPropertiesPerformance.exe 88
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe 88
C:\windows\SysWOW64\SystemPropertiesProtection.exe 88
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 86
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 85
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe 86
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 88
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 88
C:\windows\SysWOW64\SystemPropertiesRemote.exe 86
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe 88
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 88

Possible Misuse

The following table contains possible examples of SystemPropertiesProtection.exe being misused. While SystemPropertiesProtection.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base apt_apt6_malware.yar $s14 = ‚ÄúSystemPropertiesProtection.exe‚ÄĚ fullword ascii CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.