Was last modified on 2015 but was created on 5/30/2018. And no notepad is not signed by microsoft
A few notes so far.
Killed the process and removed notepad with a bit of good timing (process respawns). Notepad no longer runs outside of the Windows folder. Putting something else called notepad does not cause it to be ran. Placing the OG notepad file back into the folder causes it to be immediately ran. So some kind of finger printing must be going on here.
Dumping the strings of the file doesnt reveal anything of interest. Mostly random garbage it thinks is strings and some product info from microsoft.
Notepad.exe process just simply dissapears whenever something is ran with the filename “taskmgr.exe”
Thats about the extent of my knowledge/willingness to poke at it. Ive uploaded both the binary and a process dump incase anyone else wants to take a look at it. Also @Cavemanthe0ne. Found out why my laptop was always running hot in windows XD
… K Personally I havent ever needed antimalware because a) if I’m doing something and I’m stupid enough to download malware then I’ll deal with it and b) I dont generally download anything with the remotest chance of being malware lol so this isnt something i delve into much usually