igfxTray.exe

  • File Path: C:\WINDOWS\system32\igfxTray.exe

Hashes

Type Hash
MD5 7B5147E66B50A838C77345CF6D3065DC
SHA1 62B78AA9545086ECE58159DFAB333146A44D5ADB
SHA256 B294F70C34E70EDB258CA6FFAD6D9460A231A05CD17A800FE66F59232641271F
SHA384 6D4A2BC11A0ECEE2D268363792243EDD000365FD307380BC5963A91C22DC8F05427AD7D7603DCC42EAF02FE9BD6FE0C2
SHA512 D42169C86E0A06249719FAE3EC7071C736F1A799E1D63D31DCFE14A1C1DF286C28DF679BE496B59717BEE7F7240ACC4F1D249610FA06A40D7D18640F017DD84C
SSDEEP 6144:QjZFw8QTQSJ4KasLh6a2eUdAEu6ODvtMJfDVChJWMl:Yw8TiB2eUzu6Mvt6fDVC

Signature

  • Status: Signature verified.
  • Serial: 3300000010D1EBBCBE1C4C7C49000100000010
  • Thumbprint: C802CA01BC3064BFC0510CC762FFAA20BFE8EC61
  • Issuer: CN=Microsoft Windows Hardware Compatibility PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows Hardware Compatibility Publisher, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename:
  • Product Name:
  • Company Name:
  • File Version:
  • Product Version:
  • Language:
  • Legal Copyright:

File Similarity (ssdeep match)

File Score
C:\WINDOWS\system32\DPTopologyApp.exe 41
C:\WINDOWS\system32\DPTopologyAppv2_0.exe 49
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\DPTopologyApp.exe 47
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\DPTopologyAppv2_0.exe 41
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\GfxUIEx.exe 43
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\Gfxv2_0.exe 29
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\Gfxv4_0.exe 27
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\igfxTray.exe 46
C:\WINDOWS\system32\GfxUIEx.exe 36
C:\WINDOWS\system32\Gfxv2_0.exe 33
C:\WINDOWS\system32\Gfxv4_0.exe 35

Possible Misuse

The following table contains possible examples of igfxTray.exe being misused. While igfxTray.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc oceanlotus * HKCU\SOFTWARE\Intel\Display\igfxcui\igfxtray\;[NUMBER];[DWORD]``{:.highlight .language-cmhg} © ESET 2014-2018
signature-base apt_four_element_sword.yar $s4 = “igfxtray.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.