igfxTray.exe

  • File Path: C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\igfxTray.exe

Hashes

Type Hash
MD5 94CE60E4864942F14D34BE93FD8FE80B
SHA1 FF617D804AB034B5774138B4502B52450BDDBE8D
SHA256 7298397567A6E42D1F1624D38AE8963B89C3D3000DA7E3CDC42F87C54B11C93F
SHA384 E998543BFFFF291F196786CF15ABE1035A4CFF6DD172AD5BF431EE1DB957D2092F9D81A997DC373B824E08854C5DD83C
SHA512 A81F1A3687A2DB7C985AA34D6771D880DE8161B147C319C95A4714420E3DCF3731D28301160F64B5A964B1036CC424D169781B4963A8FAC5C3B87EC507D53919
SSDEEP 6144:bOKrfap2ojjnjTmT66cRt6UfBKqmfUQODvtMJfDVChJWRU:HojjnuGfBK3ZMvt6fDVCX

Signature

  • Status: Signature verified.
  • Serial: 330000002D4E7AEC99B0F05F7300000000002D
  • Thumbprint: 431FA5538299F973C06FDE9D6E97CC81C047AB0E
  • Issuer: CN=Microsoft Windows Third Party Component CA 2012, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows Hardware Compatibility Publisher, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename:
  • Product Name:
  • Company Name:
  • File Version:
  • Product Version:
  • Language:
  • Legal Copyright:

File Similarity (ssdeep match)

File Score
C:\WINDOWS\system32\DPTopologyApp.exe 38
C:\WINDOWS\system32\DPTopologyAppv2_0.exe 43
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\DPTopologyApp.exe 40
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\DPTopologyAppv2_0.exe 43
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\GfxUIEx.exe 41
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\Gfxv2_0.exe 29
C:\WINDOWS\system32\DriverStore\FileRepository\igdlh64.inf_amd64_69885addc92dcf91\Gfxv4_0.exe 27
C:\WINDOWS\system32\GfxUIEx.exe 44
C:\WINDOWS\system32\Gfxv2_0.exe 35
C:\WINDOWS\system32\Gfxv4_0.exe 32
C:\WINDOWS\system32\igfxTray.exe 46

Possible Misuse

The following table contains possible examples of igfxTray.exe being misused. While igfxTray.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc oceanlotus * HKCU\SOFTWARE\Intel\Display\igfxcui\igfxtray\;[NUMBER];[DWORD]``{:.highlight .language-cmhg} © ESET 2014-2018
signature-base apt_four_element_sword.yar $s4 = “igfxtray.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.