home

IGFXPERS.EXE

Intel Common User Interface

Intel Corporation

This library is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides the ability to change different driver properties through Windows User Interface. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Persistence’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
persistence Module

Version:
8.15.10.2843

MD5:
2a7dfdb91a62b911264b5516aae3f7fb

SHA-1:
69e0722ce0c4f41085708b780056f2fd91e9198e

SHA-256:
ef2d01c59c67c6a5f3623057368c5cb945bdf34440f00f1d84cc949c6712aa7d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 10:28:06 AM UTC  (today)

File size:
432 KB (442,352 bytes)

Product version:
8.15.10.2843

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
IGFXPERS.EXE

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\igfxpers.exe

Digital Signature
Signed by:
Intel Corporation

Authority:
Intel Corporation

Valid from:
8/6/2012 1:06:11 PM

Valid to:
5/15/2015 3:35:13 PM

Subject:
CN=Intel Corporation - Software and Firmware Products, OU=Intel Architecture Group, O=Intel Corporation

Issuer:
CN=Intel External Basic Issuing CA 3A, O=Intel Corporation, C=US

Serial number:
2F9B73E1000100009080

File PE Metadata
Compilation timestamp:
8/21/2012 12:28:04 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:ag7u66SXDKtkDYGCw2z01iIqgzmFGLgfPntSwG2uDcPzpoi8PdEBG:575gaCw2z08hgyImuqT3M

Entry address:
0x280C0

Entry point:
48, 83, EC, 28, E8, 47, 23, 01, 00, E8, 12, 00, 00, 00, 48, 83, C4, 28, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 81, EC, C8, 00, 00, 00, C7, 84, 24, A4, 00, 00, 00, 00, 00, 00, 00, 48, 8D, 4C, 24, 20, FF, 15, 93, 92, 02, 00, EB, 0A, B8, FF, 00, 00, 00, E9, 6B, 01, 00, 00, E8, A2, 01, 00, 00, 89, 84, 24, A0, 00, 00, 00, B9, 01, 00, 00, 00, E8, 31, 1E, 01, 00, 85, C0, 75, 0A, B9, 1C, 00, 00, 00, E8, 53, 01, 00, 00, E8, BE, 6C, 00, 00, 85, C0, 75, 0A, B9, 10, 00, 00, 00, E8, 40, 01, 00, 00...
 
[+]

Entropy:
5.9871

Code size:
318.5 KB (326,144 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Persistence

Command:
C:\Windows\System32\igfxpers.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.