home

notepad.exe

ConTEXT Project Ltd

Publisher:
ConTEXT Project Ltd  (signed and verified)

 
Part of the Windows Operating System

MD5:
d5af484d0739df72d7ef0dba4d2e80f3

SHA-1:
b7835b6e64aca71fb29d558a8db7c0d28040ab8a

SHA-256:
8e8e7886842be517525fb0841cafb6007cb5f55fa85990df9bda89f69f9e352a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 3:40:12 AM UTC  (today)

File size:
22.3 KB (22,880 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\notepad.exe

Digital Signature
Signed by:
ConTEXT Project Ltd

Authority:
The USERTRUST Network

Valid from:
8/7/2009 9:00:00 PM

Valid to:
8/8/2010 8:59:59 PM

Subject:
CN=ConTEXT Project Ltd, O=ConTEXT Project Ltd, STREET=The Meridian, STREET=4 Copthall House, STREET=Station Square, L=Coventry, S=West Midlands, PostalCode=CV1 2FL, C=GB

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
24E5A579DBEAD680A18C78C5D6A3023A

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
384:W84+Vb4qw6WEEs6Jyu6PUmkt/qD2V5FmmXBEdpgHcMLQnMaVH:1VMqwfEE3JT6s3NPKdiXUnMg

Entry address:
0x3C84

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 33, C0, 89, 45, F0, B8, 54, 3C, 40, 00, E8, 9D, FE, FF, FF, 33, C0, 55, 68, E1, 3E, 40, 00, 64, FF, 30, 64, 89, 20, B8, D8, 54, 40, 00, E8, A9, F1, FF, FF, BB, 01, 00, 00, 00, EB, 44, 8D, 55, F0, 8B, C3, E8, 8C, E9, FF, FF, 8B, 45, F0, BA, F8, 3E, 40, 00, E8, E3, F2, FF, FF, 74, 19, 8D, 55, F0, 8B, C3, E8, 73, E9, FF, FF, 8B, 45, F0, BA, 04, 3F, 40, 00, E8, CA, F2, FF, FF, 75, 11, B8, D8, 54, 40, 00, BA, 10, 3F, 40, 00, E8, 25, F2, FF, FF, EB, 0A, 43, E8, ED, E8, FF, FF, 3B...
 
[+]

Entropy:
6.3514

Developed / compiled with:
Microsoft Visual C++

Code size:
12 KB (12,288 bytes)

Shell Open Command
Open type:
inifile

Command:
C:\Windows\System32\notepad.exe %1


The file notepad.exe has been discovered within the following programs.

ConTEXT  by Eden Kirin
www.context.cx
About 6% of users remove it
 
Powered by Should I Remove It?

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.