libEGL.dll

ANGLE libEGL Dynamic Link Library

Ad First Catch

Part of an Adpeak program that shows ads in the browser without providing information about the ad's origin. Ads are injected as banners or text links into random web pages. libEGL.dll is the ANGLE library, which provides runtime WebGL and other OpenGL content by translating OpenGL calls to DirectX calls; this copy was recompiled by Ad First Catch. The libEGL.dll library from Ad First Catch is known as a potentially unwanted program and has been detected by 1 anti-malware scanner. Although a detection has been made for this resource, it is generally a commonly distributed third-party library and is typically safe by itself.
Publisher:
Ad First Catch  (signed and verified)

Product:
ANGLE libEGL Dynamic Link Library

Version:
2.1.df647a2a354d

MD5:
865e9e5ce7f799ee3f3317619d382f8e

SHA-1:
61219b17505898a4d31dfaebe57e5631815a1e56

SHA-256:
6db0622b3ef13200310e2106ea406115129cc8c935560a8ee2415cf0b7c8d21f

Scanner detections:
1 / 68

Status:
Inconclusive but possibly unwanted  (It is part of a common redistributable library)

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/20/2024 4:38:38 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
Common.PUP.AdPeak

Engine version:
15.4.24.0

File size:
210.4 KB (215,456 bytes)

Product version:
2.1.df647a2a354d

Copyright:
Copyright (C) 2011 Google Inc.

Original file name:
libEGL.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\syswow64\first verify\libegl.dll

Digital Signature
Signed by:

Authority:
Ad First Catch

Valid from:
4/14/2015 10:46:48 PM

Valid to:
4/13/2016 10:46:48 PM

Subject:
CN=adfirst.nl, OU=Ads, O=Ad First Catch, S=Holland, C=NL

Issuer:
E=support@firstcatchads.nl, O=Ad First Catch, L=Amsterdam, S=Holland, C=NL

Serial number:
00E592A6D69AFA75B0

File PE Metadata
Compilation timestamp:
10/20/2014 7:38:39 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
3072:ThhAHrnGOtpc6m3FA+j4htTMP+ZsAg0FudJmg0Ag0FuqW5b/sN9j:ThhinmtO44htQysAOdD0AOZY9j

Entry address:
0xC038

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, EC, 80, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 28, 08, 03, 10, E8, 59, 3F, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 80, 3A, 03, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 90, 69, 02, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Entropy:
6.6327

Developed / compiled with:
Microsoft Visual C++

Code size:
125.5 KB (128,512 bytes)
