SystemPropertiesRemote.exe

  • File Path: C:\windows\SysWOW64\SystemPropertiesRemote.exe
  • Description: System Remote Settings

Hashes

Type Hash
MD5 CA5A7FF55867711D17BECF7E711A9C1E
SHA1 ABAF7D9BB619B8A1F57FE648FFE1FDFC385B0A07
SHA256 6CDF50261B306F1090DE1C25D516FA9F402CE329B1D5475560EA980DA212368F
SHA384 3EC3AADF995F2A2996281815CEAF7A8507A555756AA76D1410EF18161AB014D16F216A24F135E88D36AC2926FB1AF837
SHA512 00CE64CC06013469F0D76579FF39542369886132554FA7B26CDF56A4B32F7A6C32552B2EA837F465FB5A2F761A93834807AC657EF9202DD67D35930618B545C7
SSDEEP 1536:N+LfntREC/rMcgEPJV+G57ThjEC0kzJP+V5Je:K/zECTMpuDhjRVJGQ

Signature

  • Status: The file C:\windows\SysWOW64\SystemPropertiesRemote.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: SystemPropertiesRemote.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
  • Product Version: 6.3.9600.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\WINDOWS\system32\MSchedExe.exe 91
C:\windows\system32\MSchedExe.exe 93
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\MSchedExe.exe 88
C:\Windows\system32\SystemPropertiesAdvanced.exe 86
C:\windows\system32\SystemPropertiesAdvanced.exe 88
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe 86
C:\Windows\system32\SystemPropertiesAdvanced.exe 85
C:\Windows\system32\SystemPropertiesAdvanced.exe 86
C:\WINDOWS\system32\SystemPropertiesComputerName.exe 86
C:\windows\system32\SystemPropertiesComputerName.exe 86
C:\Windows\system32\SystemPropertiesComputerName.exe 86
C:\Windows\system32\SystemPropertiesComputerName.exe 86
C:\Windows\system32\SystemPropertiesComputerName.exe 86
C:\windows\system32\SystemPropertiesDataExecutionPrevention.exe 85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 90
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe 85
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe 90
C:\Windows\system32\SystemPropertiesHardware.exe 86
C:\Windows\system32\SystemPropertiesHardware.exe 86
C:\Windows\system32\SystemPropertiesHardware.exe 86
C:\windows\system32\SystemPropertiesHardware.exe 88
C:\WINDOWS\system32\SystemPropertiesHardware.exe 90
C:\WINDOWS\system32\SystemPropertiesPerformance.exe 83
C:\Windows\system32\SystemPropertiesPerformance.exe 85
C:\Windows\system32\SystemPropertiesPerformance.exe 85
C:\windows\system32\SystemPropertiesPerformance.exe 88
C:\Windows\system32\SystemPropertiesPerformance.exe 88
C:\WINDOWS\system32\SystemPropertiesProtection.exe 86
C:\windows\system32\SystemPropertiesProtection.exe 88
C:\Windows\system32\SystemPropertiesProtection.exe 86
C:\Windows\system32\SystemPropertiesProtection.exe 88
C:\Windows\system32\SystemPropertiesProtection.exe 86
C:\WINDOWS\system32\SystemPropertiesRemote.exe 90
C:\windows\system32\SystemPropertiesRemote.exe 91
C:\Windows\system32\SystemPropertiesRemote.exe 86
C:\Windows\system32\SystemPropertiesRemote.exe 86
C:\Windows\system32\SystemPropertiesRemote.exe 86
C:\windows\SysWOW64\SystemPropertiesAdvanced.exe 88
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 85
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 86
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe 85
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe 83
C:\windows\SysWOW64\SystemPropertiesComputerName.exe 90
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe 86
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 88
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 90
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe 86
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 88
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe 86
C:\windows\SysWOW64\SystemPropertiesHardware.exe 91
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 88
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe 83
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 85
C:\Windows\SysWOW64\SystemPropertiesHardware.exe 86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 86
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 90
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 90
C:\windows\SysWOW64\SystemPropertiesPerformance.exe 86
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe 86
C:\windows\SysWOW64\SystemPropertiesProtection.exe 90
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 86
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 88
C:\Windows\SysWOW64\SystemPropertiesProtection.exe 86
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe 85
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 86
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 86
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe 85
C:\Windows\SysWOW64\SystemPropertiesRemote.exe 86

Possible Misuse

The following table contains possible examples of SystemPropertiesRemote.exe being misused. While SystemPropertiesRemote.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base apt_apt6_malware.yar $s15 = “SystemPropertiesRemote.exe” fullword ascii CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.