SystemPropertiesProtection.exe

• File Path: C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe
• Description: System Protection Settings

Hashes

Type	Hash
MD5	F6E03518246D9DD4BD0DA304D386B79A
SHA1	FB9203A876005650A6717D0B7005B38C63CC4ED7
SHA256	7457741B6EEA940108BDEAB4F587BCD8F299EE4979D50666D9E946F639C6824E
SHA384	028A9BB725E65A97343F78DF163F3082295BD17703936356C0AFD2A38DF047991A44EC18EAEA0379CA23950E1608177D
SHA512	EA19036F43C38B88F9BD146D8E47B2C5172250B2D7B0F46D1A58EBB7760B4D1F0B7E3193DE04393F3514F8768870D5806B14F4F7A4A005E4CBDA56BDA8F40008
SSDEEP	1536:Vq/Z2tREC/rMcgEPJV+G57ThjEC0kzJP+V5Ji:Vy2zECTMpuDhjRVJGs

Signature

• Status: Signature verified.
• Serial: 330000023241FB59996DCC4DFF000000000232
• Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: SSystemPropertiesProtection.EXE
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.18362.1 (WinBuild.160101.0800)
• Product Version: 10.0.18362.1
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File	Score
C:\WINDOWS\system32\MSchedExe.exe	91
C:\windows\system32\MSchedExe.exe	91
C:\WINDOWS\system32\MSchedExe.exe	88
C:\Windows\system32\MSchedExe.exe	88
C:\Windows\system32\MSchedExe.exe	88
C:\Windows\system32\MSchedExe.exe	88
C:\Windows\system32\SystemPropertiesAdvanced.exe	86
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe	88
C:\windows\system32\SystemPropertiesAdvanced.exe	88
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe	90
C:\Windows\system32\SystemPropertiesAdvanced.exe	85
C:\Windows\system32\SystemPropertiesAdvanced.exe	90
C:\WINDOWS\system32\SystemPropertiesComputerName.exe	90
C:\windows\system32\SystemPropertiesComputerName.exe	88
C:\Windows\system32\SystemPropertiesComputerName.exe	91
C:\WINDOWS\system32\SystemPropertiesComputerName.exe	88
C:\Windows\system32\SystemPropertiesComputerName.exe	90
C:\Windows\system32\SystemPropertiesComputerName.exe	86
C:\windows\system32\SystemPropertiesDataExecutionPrevention.exe	85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	90
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe	88
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe	88
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	90
C:\WINDOWS\system32\SystemPropertiesHardware.exe	86
C:\Windows\system32\SystemPropertiesHardware.exe	90
C:\Windows\system32\SystemPropertiesHardware.exe	90
C:\Windows\system32\SystemPropertiesHardware.exe	86
C:\windows\system32\SystemPropertiesHardware.exe	88
C:\WINDOWS\system32\SystemPropertiesHardware.exe	90
C:\WINDOWS\system32\SystemPropertiesPerformance.exe	86
C:\WINDOWS\system32\SystemPropertiesPerformance.exe	86
C:\Windows\system32\SystemPropertiesPerformance.exe	85
C:\Windows\system32\SystemPropertiesPerformance.exe	88
C:\windows\system32\SystemPropertiesPerformance.exe	88
C:\Windows\system32\SystemPropertiesPerformance.exe	88
C:\WINDOWS\system32\SystemPropertiesProtection.exe	91
C:\windows\system32\SystemPropertiesProtection.exe	88
C:\Windows\system32\SystemPropertiesProtection.exe	90
C:\Windows\system32\SystemPropertiesProtection.exe	91
C:\Windows\system32\SystemPropertiesProtection.exe	90
C:\WINDOWS\system32\SystemPropertiesProtection.exe	88
C:\WINDOWS\system32\SystemPropertiesRemote.exe	91
C:\WINDOWS\system32\SystemPropertiesRemote.exe	90
C:\windows\system32\SystemPropertiesRemote.exe	88
C:\Windows\system32\SystemPropertiesRemote.exe	90
C:\Windows\system32\SystemPropertiesRemote.exe	90
C:\Windows\system32\SystemPropertiesRemote.exe	86
C:\windows\SysWOW64\SystemPropertiesAdvanced.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe	86
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	85
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	86
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe	93
C:\windows\SysWOW64\SystemPropertiesComputerName.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe	93
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe	88
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	86
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	86
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	88
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	86
C:\windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	90
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	93
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe	90
C:\windows\SysWOW64\SystemPropertiesHardware.exe	85
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe	93
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	85
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	90
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe	90
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	90
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	86
C:\windows\SysWOW64\SystemPropertiesPerformance.exe	90
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe	90
C:\windows\SysWOW64\SystemPropertiesProtection.exe	86
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	86
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	91
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe	91
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	93
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe	90
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	86
C:\windows\SysWOW64\SystemPropertiesRemote.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe	85
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	83

Possible Misuse

The following table contains possible examples of SystemPropertiesProtection.exe being misused. While SystemPropertiesProtection.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
signature-base	apt_apt6_malware.yar	$s14 = “SystemPropertiesProtection.exe” fullword ascii	CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.