mstm64_q.exe

KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

It is set to execute automatically when any user logs into Windows, through the all-users Run registry key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run), under the name ‘KONICA MINOLTA PagePro 1350WStatusDisplay’.
Publisher:

Version:
1, 0, 0, 0

MD5:
417318f0fa36ebd96cd327d6ffb454ef

SHA-1:
a9bcc9c02201d9e1d61c0d9718fccf265cf3cc25

SHA-256:
a135ef5ebc3ff6cd53b3f3a00afe80087a87e8cd1bc5beabf48864db68c95f96

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:20:55 AM UTC

File size:
242.4 KB (248,248 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright (c) 2011 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. All rights reserved.

File type:
Executable application (Win64 EXE)

Common path:
C:\Windows\System32\mstm64_q.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/27/2010 2:00:00 AM

Valid to:
5/28/2011 1:59:59 AM

Subject:
CN="KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.", OU="Electronic Information Technology R&D Center, Div.1", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.", L=Hachioji-shi, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71A7CD66D949310229E0B90C27425DD8

File PE Metadata
Compilation timestamp:
3/9/2011 2:38:05 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:7ukhcOc1vJJQGLkEVFLzVMBs6TTShiNevmZOKeecvAA2J1r8LiU3mb:71h417P4EjVuBTTHwmZOJrCU3mb

Entry address:
0x1B350

Entry point:
48, 83, EC, 28, E8, C7, 50, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, DD, BA, 01, 00, FF, 15, 1F, F0, 00, 00, 48, 8B, 05, C8, BB, 01, 00, 48, 89, 44, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, B5, E4, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24...
 

Code size:
162.5 KB (166,400 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
KONICA MINOLTA PagePro 1350WStatusDisplay

Command:
C:\Windows\System32\mstm64_q.exe