mstm64_q.exe

KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

It is set to execute automatically when any user logs in to Windows (through the all-users Run registry key, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) under the name ‘KONICA MINOLTA PagePro 1350WStatusDisplay’.
Publisher:
KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

Version:
1, 0, 0, 0

MD5:
a730689cbffdfcb30aeb4ad511dae9c6

SHA-1:
0bdfe15be6c8bd84d642940a9f72dd5a84a2bce3

SHA-256:
20c61dc15f7e7d95329a3f3fa59705cacc7b64d446dc66308a1a9ce89dff45db

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 11:46:55 PM UTC

File size:
242.4 KB (248,248 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright (c) 2011 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. All rights reserved.

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Windows\System32\mstm64_q.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/27/2010 2:00:00 AM

Valid to:
5/28/2011 1:59:59 AM

Subject:
CN="KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.", OU="Electronic Information Technology R&D Center, Div.1", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.", L=Hachioji-shi, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71A7CD66D949310229E0B90C27425DD8

File PE Metadata
Compilation timestamp:
3/9/2011 2:38:05 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:AukhcOc1vJJQGLkEVFLzVMBs6TTShiNevmZOKeecvAA2J1r8LiU3BkZwlaqcsY:A1h417P4EjVuBTTHwmZOJrCU3+sY

Entry address:
0x1B350

Code size:
162.5 KB (166,400 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
KONICA MINOLTA PagePro 1350WStatusDisplay

Command:
C:\Windows\System32\mstm64_q.exe