home

libGLESv2.dll

ANGLE libGLESv2 Dynamic Link Library

Fuyuan Zhou

libGLESv2.dll is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2) and is recompiled by Fuyuan Zhou. The module libGLESv2.dll by Fuyuan Zhou has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Fuyuan Zhou  (signed and verified)

Product:
ANGLE libGLESv2 Dynamic Link Library

Version:
2.1.0.unknown hash

MD5:
07bee484c79e5e8bb3fb4e1ece90daed

SHA-1:
a8f90b30d23ce3bf0dcc2081356d510d6d2acd7a

SHA-256:
9b435575d264a8ac60dec6ca5b12f4c58415b00f9cfbf3ad0db34bc00783526f

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2). While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
1/11/2025 11:57:45 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.8.24.10

File size:
1.7 MB (1,763,200 bytes)

Product version:
2.1.0.unknown hash

Copyright:
Copyright (C) 2015 Google Inc.

Original file name:
libGLESv2.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\junetoe\application\libglesv2.dll

Digital Signature
Signed by:
Fuyuan Zhou

Authority:
thawte, Inc.

Valid from:
8/24/2016 2:00:00 AM

Valid to:
6/22/2017 1:59:59 AM

Subject:
CN=Fuyuan Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
77D22DAACE96DBDBC4E25EEF00C3F1D4

File PE Metadata
Compilation timestamp:
8/9/2016 3:59:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
14.0

CTPH (ssdeep):
24576:9zRZ8zGqoY2Uhz1i4Q6LuT11c1nAJe6ELIf8bQ3/eO9am251U4eZRtr63r:hNqtpm6iT34AJeqUi/z9/251U/63r

Entry address:
0x12B0BD

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 0F, 09, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 9E, FE, FF, FF, 83, C4, 0C, 5D, C2, 0C, 00, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, D3, EB, 41, 8B, D8, 8B, 4C...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 MB (1,369,600 bytes)

Remove libGLESv2.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.