![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 56.00000000000001%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
2,789 questions
Hello,
Welcome to Microsoft Q&A!
Use the Win32 API (SetWindowsHookExA function) to place a hook, which may indicate malicious behavior. DLL injection can be used for legitimate purposes; However, it is also a common technique used by rootkits to execute malicious code.
If your application is designed to inject a DLL into another process, you don't need to take any action. Otherwise, this code should be double-checked, as it is indicative of a rootkit or other malicious code.
Thank you.
Jeanine
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.