home

libGLESv2.dll

ANGLE libGLESv2 Dynamic Link Library

Fuyuan Zhou

libGLESv2.dll is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2) and is recompiled by Fuyuan Zhou. The module libGLESv2.dll by Fuyuan Zhou has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Fuyuan Zhou  (signed and verified)

Product:
ANGLE libGLESv2 Dynamic Link Library

Version:
2.1.0.unknown hash

MD5:
4992cea65f9810e47235856d7c8108b1

SHA-1:
1759d658a6400c48671d461d0b6edda8d14bd35a

SHA-256:
0f212ed4b1f8b5887a3cb000e26f72b71ca2069582ad14076d135d01e11628ba

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2). While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
11/23/2024 11:51:56 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.7.27.14

File size:
1.7 MB (1,734,528 bytes)

Product version:
2.1.0.unknown hash

Copyright:
Copyright (C) 2015 Google Inc.

Original file name:
libGLESv2.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\chromium\application\libglesv2.dll

Digital Signature
Signed by:
Fuyuan Zhou

Authority:
thawte, Inc.

Valid from:
7/24/2016 9:00:00 PM

Valid to:
6/21/2017 8:59:59 PM

Subject:
CN=Fuyuan Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
4AC20618E32CD1852F905D6065B9B8B8

File PE Metadata
Compilation timestamp:
7/26/2016 2:35:40 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
14.0

CTPH (ssdeep):
49152:m+jjJEg0jBo1YHb+aATFSP2eS8eoW7BoFgi/Ye:npEg0jBo1YHuZS68eoW7kf

Entry address:
0x128C6A

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 52, 09, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, B1, FE, FF, FF, 83, C4, 0C, 5D, C2, 0C, 00, CC, CC, CC, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, D3, EB, 41, 8B...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 MB (1,345,024 bytes)

Remove libGLESv2.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.