After wrestling with the concept for a while I finally figured out how to get this set up.

After installing cntlm, I ran the following from a command prompt:

"c:\Program Files (x86)\Cntlm\cntlm.exe" -u <user_name> -d <domain_name> -H

This asks for your password and spits out three hashes to use in the configuration file.

I whittled down the required configuration in cntlm.ini to:

Username    <user_name>
Domain      <domain_name>

PassLM          <LM_hash>
PassNT          <NT_hash>
PassNTLMv2      <NTLMv2_hash>

Proxy       192.168.7.1:80 #random proxy
NoProxy *

Listen      3133 # unused port

cntlm forces your to specify a top-level proxy even if you don't need one or have one, so any valid number for that option will do. Setting NoProxy to * ensures that any request never gets passed on to the bogus proxy specified.

Run "c:\Program Files (x86)\Cntlm\cntlm.exe" -f in a console to verify that everything is working. Otherwise, start and stop it as a service.

To test with phantomjs I used the following script:

var page = require('webpage').create();

page.open('http://<machine_name>/myapp', function(status) {
  console.log("Status: " + status);
  if(status === "success") {
    page.render('example.png');
  }
  phantom.exit();
});

<machine_name> cannot be localhost because phantomjs bypasses proxies when the host is localhost, so use your machine name or ip address instead.

To run it: phantomjs --proxy=localhost:3133 test.js