SystemPropertiesRemote.exe

• File Path: C:\windows\system32\SystemPropertiesRemote.exe
• Description: System Remote Settings

Hashes

Type	Hash
MD5	381E3758C7687DA1A55DD4221E5B9E6C
SHA1	BDD7C7A87C9D9D58A7D30963B227F263EF0F6F00
SHA256	C05A82102108EBB43C71A5D621604F1500D4B22794E82969E59D16683F2F6D95
SHA384	2DE6233687CA3653A641BD4E07789F28A46520C43A3B6B56A6CACA4FFCF0C61F9726ACB2A135ED86318317BC72A4CF7B
SHA512	9060C9E6530BC1C4193AAC17A94879312EEE72F9B3E8A6ABF632AE490DE92B363BD4C9E2ABB5A958E89CBD3594C53B03D23E35514B9BA4838611D02D0EB30D94
SSDEEP	1536:1Le/StREC/rMcgEPJV+G57ThjEC0kzJP+V5Je:VVzECTMpuDhjRVJGQ

Signature

• Status: The file C:\windows\system32\SystemPropertiesRemote.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170
• Serial: ``
• Thumbprint: ``
• Issuer:
• Subject:

File Metadata

• Original Filename: SystemPropertiesRemote.EXE.MUI
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
• Product Version: 6.3.9600.16384
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File	Score
C:\WINDOWS\system32\MSchedExe.exe	93
C:\windows\system32\MSchedExe.exe	88
C:\WINDOWS\system32\MSchedExe.exe	88
C:\Windows\system32\MSchedExe.exe	88
C:\Windows\system32\MSchedExe.exe	88
C:\Windows\system32\MSchedExe.exe	88
C:\Windows\system32\SystemPropertiesAdvanced.exe	86
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe	88
C:\windows\system32\SystemPropertiesAdvanced.exe	93
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe	86
C:\Windows\system32\SystemPropertiesAdvanced.exe	82
C:\Windows\system32\SystemPropertiesAdvanced.exe	86
C:\WINDOWS\system32\SystemPropertiesComputerName.exe	86
C:\windows\system32\SystemPropertiesComputerName.exe	86
C:\Windows\system32\SystemPropertiesComputerName.exe	86
C:\WINDOWS\system32\SystemPropertiesComputerName.exe	88
C:\Windows\system32\SystemPropertiesComputerName.exe	86
C:\Windows\system32\SystemPropertiesComputerName.exe	86
C:\windows\system32\SystemPropertiesDataExecutionPrevention.exe	85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	88
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	86
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe	88
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe	85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	90
C:\WINDOWS\system32\SystemPropertiesHardware.exe	83
C:\Windows\system32\SystemPropertiesHardware.exe	86
C:\Windows\system32\SystemPropertiesHardware.exe	86
C:\Windows\system32\SystemPropertiesHardware.exe	86
C:\windows\system32\SystemPropertiesHardware.exe	96
C:\WINDOWS\system32\SystemPropertiesHardware.exe	86
C:\WINDOWS\system32\SystemPropertiesPerformance.exe	86
C:\WINDOWS\system32\SystemPropertiesPerformance.exe	83
C:\Windows\system32\SystemPropertiesPerformance.exe	83
C:\Windows\system32\SystemPropertiesPerformance.exe	85
C:\windows\system32\SystemPropertiesPerformance.exe	88
C:\Windows\system32\SystemPropertiesPerformance.exe	85
C:\WINDOWS\system32\SystemPropertiesProtection.exe	86
C:\windows\system32\SystemPropertiesProtection.exe	93
C:\Windows\system32\SystemPropertiesProtection.exe	86
C:\Windows\system32\SystemPropertiesProtection.exe	85
C:\Windows\system32\SystemPropertiesProtection.exe	86
C:\WINDOWS\system32\SystemPropertiesProtection.exe	88
C:\WINDOWS\system32\SystemPropertiesRemote.exe	88
C:\WINDOWS\system32\SystemPropertiesRemote.exe	90
C:\Windows\system32\SystemPropertiesRemote.exe	86
C:\Windows\system32\SystemPropertiesRemote.exe	86
C:\Windows\system32\SystemPropertiesRemote.exe	90
C:\windows\SysWOW64\SystemPropertiesAdvanced.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe	83
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	83
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	86
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe	86
C:\windows\SysWOW64\SystemPropertiesComputerName.exe	90
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe	88
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe	85
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	90
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	83
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	88
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	83
C:\windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	88
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	83
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe	86
C:\windows\SysWOW64\SystemPropertiesHardware.exe	88
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe	86
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	83
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe	86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	86
C:\windows\SysWOW64\SystemPropertiesPerformance.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe	86
C:\windows\SysWOW64\SystemPropertiesProtection.exe	90
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	86
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe	85
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	83
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe	88
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe	83
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	86
C:\windows\SysWOW64\SystemPropertiesRemote.exe	91
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe	82
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	83

Possible Misuse

The following table contains possible examples of SystemPropertiesRemote.exe being misused. While SystemPropertiesRemote.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
signature-base	apt_apt6_malware.yar	$s15 = “SystemPropertiesRemote.exe” fullword ascii	CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.