home

mstm64_q.exe

KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘KONICA MINOLTA PagePro 1350WStatusDisplay’.
Publisher:
KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.  (signed and verified)

Version:
1, 0, 0, 0

MD5:
57fa12a350d9f05d4d4b39b144f86e66

SHA-1:
0956e037d0f4df33eaba5e0351d1a00b373b450c

SHA-256:
ad4d5278669ea769d01e3372668adb9a22345f3fef9df46b6044d0eac76304d2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/9/2024 1:20:14 AM UTC  (today)

File size:
242.9 KB (248,760 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright (c) 2011 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. All rights reserved.

File type:
Executable application (Win64 EXE)

Common path:
C:\Windows\System32\mstm64_q.exe

Digital Signature
Signed by:
KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

Authority:
VeriSign, Inc.

Valid from:
5/27/2010 2:00:00 AM

Valid to:
5/28/2011 1:59:59 AM

Subject:
CN="KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.", OU="Electronic Information Technology R&D Center, Div.1", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.", L=Hachioji-shi, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71A7CD66D949310229E0B90C27425DD8

File PE Metadata
Compilation timestamp:
3/9/2011 2:38:05 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:6ukhcOc1vJJQGLkEVFLzVMBs6TTShiNevmZOKeecvAA2J1r8LiU3au:61h417P4EjVuBTTHwmZOJrCU3au

Entry address:
0x1B350

Entry point:
48, 83, EC, 28, E8, C7, 50, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, DD, BA, 01, 00, FF, 15, 1F, F0, 00, 00, 48, 8B, 05, C8, BB, 01, 00, 48, 89, 44, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, B5, E4, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24...
 
[+]

Code size:
162.5 KB (166,400 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
KONICA MINOLTA PagePro 1350WStatusDisplay

Command:
C:\Windows\System32\mstm64_q.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.