ntprint.exe

  • File Path: C:\Windows\system32\ntprint.exe
  • Description: Printer driver software installation

Hashes

Type Hash
MD5 6376E0AC71E2795B8924308C69641D31
SHA1 5755CD65CD7B79A97220A69BDA79801884DE7E56
SHA256 DA9C3C6745F1A186C3F2938F98EC5F8432058139607ACB6D684A4879881B6DF0
SHA384 085BE66C5CC74F5AB041343AE41E96C29D7D1B358F30DA15514AB2963A4FFC1A6C446E0837125ED458AF5394DF1EDE9B
SHA512 58FCF42D2F3398C82BC8C80D77962860B22EB7A894FA1ECC8F6A9EAE8259F4BF7A38F433E627C5BF3F1BBFFE8B19D2C68936530D5226EADF56ABACC14AF1C5B8
SSDEEP 768:BykF8JkZnr95vI1iQfCIWVM9G4qW4ne+S/ly+PKAoXRZX6fbX57UWkCRPPA7/Qn+:ByiWkJxVIPd4n+lbeRZIbSQPPA73
IMP 598CA250C4CE0ED92CFA650D081AD874
PESHA1 46E9B83684536A94D6A39316132FA532EA9E7B23
PE256 C22429606BF3C98459EEF1A196733D1D5209FA3698F17E18275A0A20A0C4D248

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\system32\ntprint.exe
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\win32u.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: ntprint.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/75
  • VirusTotal Link: https://www.virustotal.com/gui/file/da9c3c6745f1a186c3f2938f98ec5f8432058139607acb6d684a4879881b6df0/detection

File Similarity (ssdeep match)

File Score
C:\WINDOWS\splwow64.exe 43
C:\Windows\splwow64.exe 44
C:\Windows\splwow64.exe 41
C:\windows\splwow64.exe 46
C:\Windows\system32\ntprint.exe 85
C:\WINDOWS\system32\ntprint.exe 88
C:\windows\system32\ntprint.exe 88
C:\Windows\system32\ntprint.exe 90
C:\WINDOWS\system32\ntprint.exe 86
C:\Windows\system32\ntprint.exe 88
C:\Windows\system32\PrintIsolationHost.exe 61
C:\Windows\system32\PrintIsolationHost.exe 57
C:\Windows\system32\PrintIsolationHost.exe 57
C:\WINDOWS\system32\PrintIsolationHost.exe 57
C:\Windows\system32\PrintIsolationHost.exe 54
C:\WINDOWS\system32\PrintIsolationHost.exe 61
C:\windows\system32\PrintIsolationHost.exe 61
C:\Windows\system32\printui.exe 88
C:\Windows\system32\printui.exe 82
C:\Windows\system32\printui.exe 82
C:\Windows\system32\printui.exe 79
C:\WINDOWS\system32\printui.exe 88
C:\windows\system32\printui.exe 86
C:\WINDOWS\system32\printui.exe 83
C:\Windows\system32\printui.exe 85
C:\windows\SysWOW64\ntprint.exe 85
C:\WINDOWS\SysWOW64\ntprint.exe 85
C:\Windows\SysWOW64\ntprint.exe 83
C:\WINDOWS\SysWOW64\ntprint.exe 82
C:\Windows\SysWOW64\ntprint.exe 88
C:\Windows\SysWOW64\ntprint.exe 86
C:\Windows\SysWOW64\ntprint.exe 88
C:\WINDOWS\SysWOW64\printui.exe 83
C:\Windows\SysWOW64\printui.exe 86
C:\Windows\SysWOW64\printui.exe 88
C:\WINDOWS\SysWOW64\printui.exe 88
C:\windows\SysWOW64\printui.exe 85
C:\Windows\SysWOW64\printui.exe 83
C:\Windows\SysWOW64\printui.exe 86
C:\Windows\SysWOW64\printui.exe 86

MIT License. Copyright (c) 2020-2021 Strontic.