PrintCtrl.exe

PrintCtrl

ActMask Group Co., Ltd

It runs as a separate Windows service (within the context of its own process) named “Printer Control”.

Publisher:
ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM  (signed by ActMask Group Co., Ltd)

Product:
PrintCtrl

Description:
PrintCtrl 64bit

Version:
1, 0, 4, 8

MD5:
c213c25435e62bc44e1d9bd99490e1a1

SHA-1:
9c5f62ce7138ab5f6b44ddc4190e393a47758a1f

SHA-256:
4aa716bf7c4c1e164d6f58cef08a69118dbf22cca00def1c604b6e090a302520

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 11:34:43 PM UTC

Scan engine:
F-Secure

Detection:
Trojan.Generic.12424573

Engine version:
5.13.68

File size:
125 KB (127,968 bytes)

Product version:
1, 0, 4, 8

Copyright:
Copyright © 1998-2011 ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM

Original file name:
PrintCtrl.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\printctrl.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/17/2013 7:00:00 PM

Valid to:
7/18/2014 6:59:59 PM

Subject:
CN="ActMask Group Co., Ltd", O="ActMask Group Co., Ltd", STREET="Chase Business Center, 39-41 Chase Side", L=London, S=England, PostalCode=N14 5BP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
04B86CE0892C1FA76A07415ABB69419E

File PE Metadata
Compilation timestamp:
10/21/2012 12:35:44 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:Xyaoa70/KGpG9qcqzhx6g0Ccq//cnEjELdzJSq:XyaoeepkKzhobCcoUnEjk/

Entry address:
0x72C0

Entry point:
48, 8B, C4, 48, 81, EC, A8, 00, 00, 00, 48, 89, 58, 18, 48, 89, 78, 20, 48, 8D, 48, 88, FF, 15, 64, C0, 00, 00, 90, FF, 15, 55, C0, 00, 00, 48, 8B, C8, 33, D2, 41, B8, 94, 00, 00, 00, FF, 15, 14, C0, 00, 00, 48, 8B, D8, 48, 85, C0, 75, 0A, B8, FF, 00, 00, 00, E9, 62, 02, 00, 00, C7, 00, 94, 00, 00, 00, 48, 8B, C8, FF, 15, 1B, C0, 00, 00, 85, C0, 75, 1E, FF, 15, 19, C0, 00, 00, 48, 8B, C8, 4C, 8B, C3, 33, D2, FF, 15, BB, BF, 00, 00, B8, FF, 00, 00, 00, E9, 31, 02, 00, 00, 8B, 43, 10, 89, 05, 6C, 7F, 01, 00...

Entropy:
6.4063

Code size:
70.5 KB (72,192 bytes)

Service
Display name:
Printer Control

Type:
Win32OwnProcess
