SystemPropertiesRemote.exe

• File Path: C:\Windows\SysWOW64\SystemPropertiesRemote.exe
• Description: System Remote Settings

Hashes

Type	Hash
MD5	E5BCE633925BF7A1AD38E75DE332E749
SHA1	400140EA995343B52C4B05B8D912BA095CC447A5
SHA256	6B5615F5C7168A096DE2678B93C7BE6B96F9E2DBC2D27D6E42537F8C4BD046D8
SHA384	85A7AC70407C8C61B16ECABB75FAC23F4CB269467D39598C7328F3D98588929EB5A9E4C18732118A16151150FD45C8D5
SHA512	08D59C802D025FF2A408C9E5E376C6EA73152B0B8A688AB97155E5F1B8D5D6BC603728180DC02CE9A14A9401485788A7EDFB911B29A0A2CB3B640330650C3A36
SSDEEP	1536:YNGO7tREC/rMcgEPJV+G57ThjEC0kzJP+V5Jny:xuzECTMpuDhjRVJGdy

Signature

• Status: Signature verified.
• Serial: 33000000BCE120FDD27CC8EE930000000000BC
• Thumbprint: E85459B23C232DB3CB94C7A56D47678F58E8E51E
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: SystemPropertiesRemote.EXE.MUI
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.14393.0 (rs1_release.160715-1616)
• Product Version: 10.0.14393.0
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File	Score
C:\WINDOWS\system32\MSchedExe.exe	88
C:\windows\system32\MSchedExe.exe	88
C:\WINDOWS\system32\MSchedExe.exe	90
C:\Windows\system32\MSchedExe.exe	88
C:\Windows\system32\MSchedExe.exe	86
C:\Windows\system32\MSchedExe.exe	86
C:\Windows\system32\SystemPropertiesAdvanced.exe	88
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe	83
C:\windows\system32\SystemPropertiesAdvanced.exe	83
C:\WINDOWS\system32\SystemPropertiesAdvanced.exe	85
C:\Windows\system32\SystemPropertiesAdvanced.exe	83
C:\Windows\system32\SystemPropertiesAdvanced.exe	85
C:\WINDOWS\system32\SystemPropertiesComputerName.exe	85
C:\windows\system32\SystemPropertiesComputerName.exe	83
C:\Windows\system32\SystemPropertiesComputerName.exe	85
C:\WINDOWS\system32\SystemPropertiesComputerName.exe	86
C:\Windows\system32\SystemPropertiesComputerName.exe	85
C:\Windows\system32\SystemPropertiesComputerName.exe	91
C:\windows\system32\SystemPropertiesDataExecutionPrevention.exe	83
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	86
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	88
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe	83
C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe	83
C:\Windows\system32\SystemPropertiesDataExecutionPrevention.exe	85
C:\WINDOWS\system32\SystemPropertiesHardware.exe	80
C:\Windows\system32\SystemPropertiesHardware.exe	88
C:\Windows\system32\SystemPropertiesHardware.exe	86
C:\Windows\system32\SystemPropertiesHardware.exe	88
C:\windows\system32\SystemPropertiesHardware.exe	83
C:\WINDOWS\system32\SystemPropertiesHardware.exe	86
C:\WINDOWS\system32\SystemPropertiesPerformance.exe	83
C:\WINDOWS\system32\SystemPropertiesPerformance.exe	83
C:\Windows\system32\SystemPropertiesPerformance.exe	85
C:\Windows\system32\SystemPropertiesPerformance.exe	83
C:\windows\system32\SystemPropertiesPerformance.exe	86
C:\Windows\system32\SystemPropertiesPerformance.exe	83
C:\WINDOWS\system32\SystemPropertiesProtection.exe	85
C:\windows\system32\SystemPropertiesProtection.exe	86
C:\Windows\system32\SystemPropertiesProtection.exe	85
C:\Windows\system32\SystemPropertiesProtection.exe	85
C:\Windows\system32\SystemPropertiesProtection.exe	88
C:\WINDOWS\system32\SystemPropertiesProtection.exe	86
C:\WINDOWS\system32\SystemPropertiesRemote.exe	83
C:\WINDOWS\system32\SystemPropertiesRemote.exe	88
C:\windows\system32\SystemPropertiesRemote.exe	83
C:\Windows\system32\SystemPropertiesRemote.exe	85
C:\Windows\system32\SystemPropertiesRemote.exe	85
C:\Windows\system32\SystemPropertiesRemote.exe	91
C:\windows\SysWOW64\SystemPropertiesAdvanced.exe	83
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe	83
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	82
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	83
C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe	85
C:\windows\SysWOW64\SystemPropertiesComputerName.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe	83
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	83
C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe	83
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	88
C:\Windows\SysWOW64\SystemPropertiesComputerName.exe	83
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	83
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	85
C:\windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	90
C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	83
C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe	82
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe	83
C:\windows\SysWOW64\SystemPropertiesHardware.exe	83
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe	83
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	85
C:\Windows\SysWOW64\SystemPropertiesHardware.exe	83
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe	85
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	85
C:\Windows\SysWOW64\SystemPropertiesPerformance.exe	88
C:\windows\SysWOW64\SystemPropertiesPerformance.exe	88
C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe	85
C:\windows\SysWOW64\SystemPropertiesProtection.exe	85
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	88
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	85
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe	83
C:\Windows\SysWOW64\SystemPropertiesProtection.exe	83
C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe	83
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	83
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe	83
C:\Windows\SysWOW64\SystemPropertiesRemote.exe	83
C:\windows\SysWOW64\SystemPropertiesRemote.exe	86
C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe	83

Possible Misuse

The following table contains possible examples of SystemPropertiesRemote.exe being misused. While SystemPropertiesRemote.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
signature-base	apt_apt6_malware.yar	$s15 = “SystemPropertiesRemote.exe” fullword ascii	CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.