home

libGLESv2.dll

ANGLE libGLESv2 Dynamic Link Library

Qingdao Ruanmei Network Technology Co.,Ltd.

libGLESv2.dll is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2) and is recompiled by Qingdao Ruanmei Network Technology Co.,Ltd.. The module libGLESv2.dll by Qingdao Ruanmei Network Technology Co.,Ltd has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Qingdao Ruanmei Network Technology Co.,Ltd.  (signed and verified)

Product:
ANGLE libGLESv2 Dynamic Link Library

Version:
2.1.0.1a1b30c37e13

MD5:
579cc6a97fb2e92fd15ec5d501171a67

SHA-1:
a9bc65d8d1132bb2facc585dfacc7118973f2670

SHA-256:
64873a080099b92bc168a16bd9eaddf2e861533da47f8619f46ea811ca7d2e66

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2). While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
11/23/2024 7:58:27 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.7.23

File size:
2.2 MB (2,336,928 bytes)

Product version:
2.1.0.1a1b30c37e13

Copyright:
Copyright (C) 2015 Google Inc.

Original file name:
libGLESv2.dll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\ruanmei\qiyu\2.1.0.0\libglesv2.dll

Digital Signature
Signed by:
Qingdao Ruanmei Network Technology Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/13/2016 8:00:00 AM

Valid to:
8/27/2017 7:59:59 AM

Subject:
CN="Qingdao Ruanmei Network Technology Co.,Ltd.", OU=IT, O="Qingdao Ruanmei Network Technology Co.,Ltd.", L=Qingdao, S=Shandong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
50284BE9AB1A229C8F2C9FDD7B7E4AE4

File PE Metadata
Compilation timestamp:
11/8/2016 6:39:49 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
14.0

Entry address:
0x19F514

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, AF, 06, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 53, FE, FF, FF, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8D, 05, 1F, 6A, 06, 00, 48, 8B, D9, 48, 89, 01, F6, C2, 01, 74, 0A, BA, 18, 00, 00, 00, E8, 26, FC, FF, FF, 48, 8B, C3, 48, 83, C4, 20, 5B, C3, CC, 48, FF, 25, 19, 9E, 02, 00, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, C2...
 
[+]

Entropy:
6.4953

Code size:
1.8 MB (1,865,216 bytes)

Remove libGLESv2.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.