SHA256: 31ec34311f87dd6a318287c9e162dd5e2f36952b90029211448492fcecbe5d83
File name: libEGL
Detection ratio: 0 / 63
Analysis date: 2019-03-03 01:48:56 UTC ( 2 months, 3 weeks ago )
Antivirus Result Update
Acronis 20190222
Ad-Aware 20190302
AegisLab 20190302
AhnLab-V3 20190302
Alibaba 20180921
ALYac 20190302
Antiy-AVL 20190302
Arcabit 20190302
Avast 20190302
Avast-Mobile 20190302
AVG 20190302
Avira (no cloud) 20190302
Babable 20180917
Baidu 20190214
BitDefender 20190302
Bkav 20190301
CAT-QuickHeal 20190228
ClamAV 20190303
CMC 20190302
Comodo 20190302
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cyren 20190302
DrWeb 20190302
eGambit 20190302
Emsisoft 20190302
Endgame 20190215
ESET-NOD32 20190302
F-Secure 20190302
Fortinet 20190302
GData 20190302
Ikarus 20190302
Sophos ML 20181128
Jiangmin 20190302
K7AntiVirus 20190301
K7GW 20190301
Kaspersky 20190302
Kingsoft 20190302
Malwarebytes 20190302
MAX 20190302
McAfee 20190302
McAfee-GW-Edition 20190302
Microsoft 20190302
eScan 20190302
NANO-Antivirus 20190302
Palo Alto Networks (Known Signatures) 20190302
Panda 20190301
Qihoo-360 20190302
SentinelOne (Static ML) 20190203
Sophos AV 20190302
SUPERAntiSpyware 20190227
Symantec 20190302
Symantec Mobile Insight 20190220
TACHYON 20190302
Tencent 20190302
TheHacker 20190224
TotalDefense 20190302
Trapmine 20190228
Trustlook 20190302
VBA32 20190301
ViRobot 20190302
Webroot 20190302
Yandex 20190301
ZoneAlarm by Check Point 20190302
Zoner 20190302
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2011 Google Inc.

Product ANGLE libEGL Dynamic Link Library
Original name libEGL.dll
Internal name libEGL
File version 0.0.0.696
Description ANGLE libEGL Dynamic Link Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-07-07 14:36:36
Entry Point 0x0000A8C6
Number of sections 5
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
GetConsoleOutputCP
SetHandleCount
GetConsoleCP
FreeLibrary
LCMapStringA
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
GetFileType
SetStdHandle
RaiseException
WideCharToMultiByte
TlsFree
SetFilePointer
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapDestroy
GetOEMCP
LocalFree
TerminateProcess
QueryPerformanceCounter
WriteConsoleA
GetVersion
IsValidCodePage
HeapCreate
VirtualFree
TlsGetValue
Sleep
SetLastError
GetTickCount
TlsSetValue
CreateFileA
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
LocalAlloc
WriteConsoleW
InterlockedIncrement
GetWindowThreadProcessId
SetWindowLongW
IsWindow
GetPropW
CreateWindowExW
GetClientRect
RemovePropW
CallWindowProcW
DestroyWindow
SetPropW
InvalidateRect
D3DPERF_BeginEvent
Direct3DCreate9
D3DPERF_EndEvent
D3DPERF_SetMarker
D3DPERF_GetStatus
Ord(144)
Ord(145)
Ord(148)
Ord(146)
Ord(147)
Ord(158)
PE exports
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.0.0.696
LanguageCode English (U.S.)
FileFlagsMask 0x0017
FileDescription ANGLE libEGL Dynamic Link Library
ImageFileCharacteristics Executable, 32-bit, DLL
CharacterSet Unicode
InitializedDataSize 34304
PrivateBuild 0.0.0.696
EntryPoint 0xa8c6
OriginalFileName libEGL.dll
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2011 Google Inc.
FileVersion 0.0.0.696
TimeStamp 2011:07:07 07:36:36-07:00
FileType Win32 DLL
PEType PE32
InternalName libEGL
ProductVersion 0.0.0.696
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CodeSize 79872
ProductName ANGLE libEGL Dynamic Link Library
ProductVersionNumber 0.0.0.696
FileTypeExtension dll
ObjectFileType Dynamic link library

CarbonBlack (acts as a surveillance camera for computers)
While monitoring an end-user machine in the wild, CarbonBlack observed the following executing files writing this sample to disk.
Compressed bundles
File identification
MD5 119323633811270be54efaa8fcbb6e2c
SHA1 eaa88008e772fa5f0b6eb6e82041bee9866aa421
SHA256 31ec34311f87dd6a318287c9e162dd5e2f36952b90029211448492fcecbe5d83
ssdeep 1536:inqnA5BUBZqdik9LQ+M+Eu2SCw0DKp4fFEsiWTAJcquHFm:wBUBodikKKPLC1eqiWTAJjuHF

authentihash 27720e688efa20e8ddb445220fcc774488b3b4016b8b5c0d3057c2b16017b661
imphash e2b9936f92b20b82dabb0f38d4e501c6
File size 112.5 KB ( 115200 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags pedll

VirusTotal metadata
First submission 2011-09-13 09:40:10 UTC ( 7 years, 8 months ago )
Last submission 2018-05-18 18:11:23 UTC ( 1 year ago )
File names libEGL
smona_31ec34311f87dd6a318287c9e162dd5e2f36952b90029211448492fcecbe5d83.bin
libEGL.dll
49EE0BD100CBD360C22401C234F9C90023E89126.dll
5kuiachhol5f6c3ow3ucaqn65gdgvjbb.dll
vt-upload-mOtY3
libegl.dll