IGFXPERS.EXE

Intel Common User Interface

Intel Corporation

This library is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides the ability to change different driver properties through Windows User Interface. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Persistence’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
persistence Module

Version:
8.15.10.2430

MD5:
14bfa3786bab9a026210354e9a3ba011

SHA-1:
013c7c92cc0634166fbc08e968511f57a451c278

SHA-256:
d558c76ecf79166163188d14069c076c7e91b19b5a9e8181b9b41ee9972fe090

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/4/2016 11:32:18 PM UTC  (today)

File size:
406.3 KB (416,024 bytes)

Product version:
8.15.10.2430

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
IGFXPERS.EXE

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\igfxpers.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/8/2011 1:00:00 AM

Valid to:
4/23/2014 1:59:59 AM

Subject:
CN=Intel Corporation, OU=ISWQL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Intel Corporation, L=Folsom, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
10021A27D28312885C613AA498580F6F

File PE Metadata
Compilation timestamp:
6/27/2011 3:24:03 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:P8kDfcU4Eu+c30rxsibiLV3Wss60UGZIOvbT0K:PHcU4Eu+c3+xVOmV0K

Entry address:
0x25960

Entry point:
48, 83, EC, 28, E8, 87, 01, 01, 00, E8, 12, 00, 00, 00, 48, 83, C4, 28, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 81, EC, C8, 00, 00, 00, C7, 84, 24, A4, 00, 00, 00, 00, 00, 00, 00, 48, 8D, 4C, 24, 20, FF, 15, E3, 69, 02, 00, EB, 0A, B8, FF, 00, 00, 00, E9, 6B, 01, 00, 00, E8, A2, 01, 00, 00, 89, 84, 24, A0, 00, 00, 00, B9, 01, 00, 00, 00, E8, 71, FC, 00, 00, 85, C0, 75, 0A, B9, 1C, 00, 00, 00, E8, 53, 01, 00, 00, E8, 8E, 37, 00, 00, 85, C0, 75, 0A, B9, 10, 00, 00, 00, E8, 40, 01, 00, 00...
 
[+]

Code size:
299.5 KB (306,688 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Persistence

Command:
C:\Windows\System32\igfxpers.exe