ntprint.exe

  • File Path: C:\Windows\system32\ntprint.exe
  • Description: Printer driver software installation

Hashes

Type Hash
MD5 6E8AB8FC1FCEE93235310B2EA8B2F49F
SHA1 05A740B65B2DB2969EF559605B4A99AEBC5D8BF0
SHA256 0209A7E9FD4FDB646A9BB85CE2D15FCAC93999932A5C707420DCDF1ED56D50EC
SHA384 530F57B82B466ADDDB2AAA18DC8BAE56C15DD20A435C75276D4555A43DDF8251563D3B902D1D68430074607028EDA562
SHA512 F5FE99528667E09C4348F6AE02A5C0A7FE3C6A3877B42354C5DBD1E1D24A5075F17BD1342BCF65EA48FDF5A0D0137B35D58B1D89017194766A53119D553D94FF
SSDEEP 768:d0wzkr95vI1iQfCIWVM9G4qW4ne+S/ly+PKAoXRZX6fbX57UWkCRPPA7/Qn6:d/ixVIPd4n+lbeRZIbSQPPA7L
IMP 598CA250C4CE0ED92CFA650D081AD874
PESHA1 C79ED7EA54C03773FD90998B64AF8CFCF0C3348E
PE256 8D2F369FCE40784580634A64A6E7DEE3F5B194AD329CA45751272A0BC9C24BE9

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\system32\ntprint.exe
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\win32u.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002EC6579AD1E670890130000000002EC
  • Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: ntprint.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1023 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1023
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/0209a7e9fd4fdb646a9bb85ce2d15fcac93999932a5c707420dcdf1ed56d50ec/detection

File Similarity (ssdeep match)

File Score
C:\WINDOWS\splwow64.exe 41
C:\Windows\splwow64.exe 43
C:\Windows\splwow64.exe 40
C:\windows\splwow64.exe 43
C:\Windows\system32\ntprint.exe 90
C:\WINDOWS\system32\ntprint.exe 93
C:\windows\system32\ntprint.exe 90
C:\Windows\system32\ntprint.exe 90
C:\WINDOWS\system32\ntprint.exe 90
C:\Windows\system32\ntprint.exe 90
C:\Windows\system32\PrintIsolationHost.exe 60
C:\Windows\system32\PrintIsolationHost.exe 58
C:\Windows\system32\PrintIsolationHost.exe 60
C:\WINDOWS\system32\PrintIsolationHost.exe 55
C:\Windows\system32\PrintIsolationHost.exe 58
C:\WINDOWS\system32\PrintIsolationHost.exe 60
C:\windows\system32\PrintIsolationHost.exe 68
C:\Windows\system32\printui.exe 88
C:\Windows\system32\printui.exe 85
C:\Windows\system32\printui.exe 85
C:\Windows\system32\printui.exe 82
C:\WINDOWS\system32\printui.exe 90
C:\windows\system32\printui.exe 90
C:\WINDOWS\system32\printui.exe 85
C:\Windows\system32\printui.exe 88
C:\windows\SysWOW64\ntprint.exe 88
C:\WINDOWS\SysWOW64\ntprint.exe 86
C:\Windows\SysWOW64\ntprint.exe 86
C:\WINDOWS\SysWOW64\ntprint.exe 86
C:\Windows\SysWOW64\ntprint.exe 88
C:\Windows\SysWOW64\ntprint.exe 91
C:\Windows\SysWOW64\ntprint.exe 91
C:\WINDOWS\SysWOW64\printui.exe 88
C:\Windows\SysWOW64\printui.exe 90
C:\Windows\SysWOW64\printui.exe 90
C:\WINDOWS\SysWOW64\printui.exe 91
C:\windows\SysWOW64\printui.exe 88
C:\Windows\SysWOW64\printui.exe 86
C:\Windows\SysWOW64\printui.exe 90
C:\Windows\SysWOW64\printui.exe 88

MIT License. Copyright (c) 2020-2021 Strontic.