home

mstmon_s.exe

KONICA MINOLTA, INC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘KONICA MINOLTA magicolor 2400W STD’.
Publisher:
KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.  (signed by KONICA MINOLTA, INC.)

Version:
1, 4, 1111, 1

MD5:
242a0bb53458267ab9c5c2f026439e9c

SHA-1:
887655a79e03e6580f1bd92674c691587c96262d

SHA-256:
d8a80cf29dcc9b848a20240178a81612a3a0001d2eb986a55fc2047e2a0861ae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:47:18 PM UTC  (today)

File size:
269.3 KB (275,808 bytes)

Product version:
1, 4, 1111, 1

Copyright:
Copyright (c) 2006 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. All rights reserved.

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Windows\System32\mstmon_s.exe

Digital Signature
Signed by:
KONICA MINOLTA, INC.

Authority:
VeriSign, Inc.

Valid from:
4/17/2013 8:00:00 PM

Valid to:
4/18/2014 7:59:59 PM

Subject:
CN="KONICA MINOLTA, INC.", OU=Printer Controller Development Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="KONICA MINOLTA, INC.", L=Hachioji-shi, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
51AE0B22A125B023E32A05674436C65B

File PE Metadata
Compilation timestamp:
12/21/2005 11:44:56 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:c1c4maPjrm0UQcesz+BQoUiMZO/MeM1NZ3/N:/p0UQJMXniMNDZ

Entry address:
0x1FBB0

Entry point:
48, 83, EC, 28, E8, 47, 60, 00, 00, 48, 83, C4, 28, E9, FE, FC, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, FD, D8, 01, 00, FF, 15, C7, F7, 00, 00, 48, 8B, 05, E8, D9, 01, 00, 48, 89, 44, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 95, E8, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24...
 
[+]

Code size:
181.5 KB (185,856 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
KONICA MINOLTA magicolor 2400W STD

Command:
C:\Windows\System32\mstmon_s.exe startup


Scan mstmon_s.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.