Trojan.DLLHijack.H

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 10,319
Threat Level: 80 % (High)
Infected Computers: 181
First Seen: September 15, 2023
Last Seen: March 3, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.DLLHijack.H
Signature status: No Signature

Known Samples

MD5: c3b03d686994ccc2d8589a6486077fc1
SHA1: 125d7eda8da0038b307e76868fc8cf4aca17f965
SHA256: 6C982871F730D97AB825904929FF6C64F2CE48E2B7DADDDE614918C74E1A3551
File Size: 3.72 MB, 3721216 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Company Name: Microsoft Corporation
Company Short Name: Microsoft
File Description: Microsoft Edge
File Version: 131.0.2903.70
Internal Name: msedge_elf_dll
Last Change: 73cf19ceae66a569bd8b9ca6ad4a09a4c413269d
Legal Copyright: Copyright Microsoft Corporation. All rights reserved.
Official Build: 1
Original Filename: msedge_elf.dll
Product Name: Microsoft Edge
Product Short Name: Edge
Product Version: 131.0.2903.70

File Traits

  • 2+ executable sections
  • dll
  • HighEntropy
  • ntdll
  • WriteProcessMemory
  • x64

Block Information

Total Blocks: 10,708
Potentially Malicious Blocks: 3,216
Whitelisted Blocks: 7,489
Unknown Blocks: 3

Visual Map

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • DLLHijack.H

Registry Modifications

Key::Value | Data | API Name
HKCU\software\microsoft\edge\blbeacon::failed_count | | RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state | | RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes | (NULL) | RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes | | RegNtPreCreateKey

Windows API Usage

Category: Syscall Use
API:
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • UNKNOWN
