libGLESv2.dll

ANGLE libGLESv2 Dynamic Link Library

Shulan Hou

libGLESv2.dll is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2) and is recompiled by Shulan Hou. The module libGLESv2.dll by Shulan Hou has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Note, this is a common distributed file and although it has been detected it might not be a threat is un-coupled from its distribution source.
Publisher:
Shulan Hou  (signed and verified)

Product:
ANGLE libGLESv2 Dynamic Link Library

Version:
2.1.0.unknown hash

MD5:
e322a02231c38b84af086cfeb1a6c196

SHA-1:
dd9c992fca352981fb6f2fa268c6778bf971e31d

SHA-256:
985184ce0657937c42209ed53ed30285cb74ef429ff5913b1165e4982c764a99

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is the ANGLE library provides seamlessly WebGL and other OpenGL content by translating OpenGL calls to DirectX calls (version 2). While the file itself is not dangerous, it is part of a program that has been detected.

Analysis date:
12/24/2024 4:35:08 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ELEX (M)
16.7.30.5

File size:
1.7 MB (1,763,200 bytes)

Product version:
2.1.0.unknown hash

Copyright:
Copyright (C) 2015 Google Inc.

Original file name:
libGLESv2.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\birddear\application\libglesv2.dll

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
7/27/2016 9:00:00 PM

Valid to:
6/13/2017 8:59:59 PM

Subject:
CN=Shulan Hou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
74702DFF5D4056B847D009A2265FB1B3

File PE Metadata
Compilation timestamp:
7/29/2016 12:25:50 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
14.0

CTPH (ssdeep):
49152:niBjKVnq4+mi1CSyzPa+R5EMvgVkCBf+J:2jKVnq4+mGUzb4Myfa

Entry address:
0x12B10D

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 2F, 09, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 9E, FE, FF, FF, 83, C4, 0C, 5D, C2, 0C, 00, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, D3, EB, 41, 8B, D8, 8B, 4C...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 MB (1,369,600 bytes)

Remove libGLESv2.dll - Powered by Reason Core Security