Notepad.exe

GlassTests

The executable Notepad.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from download1315.mediafire.com and multiple other hosts.
Publisher:
Microsoft*  (Invalid match)

Product:
GlassTests

Version:
1.0.0.0

MD5:
ec52b847724c33798bf0035caeac87dd

SHA-1:
3db6fe292384b5d8e9dd77de9f8cabd842ceed13

SHA-256:
73d24d85159e6ca5de4475f5b62836a6b85a6a9a91e023b8a6ce35df24949a32

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/26/2024 3:44:00 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Unnamed.Threat.18
14.2.27.2

File size:
640 KB (655,360 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2009

Original file name:
Notepad.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\notepad.exe

File PE Metadata
Compilation timestamp:
6/14/2009 8:19:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:n5GpX34txv+ISqN7eyVbIHaniBcXqX25GpXP7vQ5GpX:n5GJotxWILeebbXqX25GJP7I5GJ

Entry address:
0x8830E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
537 KB (549,888 bytes)

The file Notepad.exe has been seen being distributed by the following 2 URLs.

http://download1315.mediafire.com/0a3j05p1qlmg/.../Bloc de notas by The Nipper.exe

Remove Notepad.exe - Powered by Reason Core Security