Adware.AdLoad.DG

By CagedTech in Adware

Threat Scorecard

Popularity Rank:	17,130
Threat Level:	20 % (Normal)
Infected Computers:	58

First Seen:	March 24, 2024
Last Seen:	November 8, 2025
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Adware.AdLoad.DG
Signature status:	No Signature

Known Samples

MD5: 2443195057f473d55ccaf5004f405bbb

SHA1: 8c25a120e030a3bc797d8823b2bfe587ab52e913

SHA256: 07BA357FBB5164D7E3100F84A9BD88EE1AC23D8B17948A13DE7A7574C9584FFA

File Size: 4.75 MB, 4749446 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have security information
File has exports table
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	huanghongxun
File Description	Hello Minecraft! Launcher For Windows
File Version	3.5.0.0
Internal Name	HMCL.exe
Legal Copyright	Copyright (C) 2021 huangyuhui
Original Filename	HMCL.exe
Product Name	Hello Minecraft! Launcher
Product Version	3.5.0.0

File Traits

Registry Modifications

Key::Value	Data	API Name
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix	Cookie:	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix	Visited:	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::failed_count		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes	(NULL)	RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes		RegNtPreCreateKey

HKCU\software\microsoft\edge\elfbeacon::version	142.0.3595.53	RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey

Windows API Usage

Category	API
Process Shell Execute	CreateProcess ShellExecute
Syscall Use	ntdll.dll!NtAccessCheck ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtApphelpCacheControl ntdll.dll!NtAssociateWaitCompletionPacket ntdll.dll!NtClose ntdll.dll!NtCreateFile ntdll.dll!NtCreateMutant ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtDeleteValueKey Show More ntdll.dll!NtDuplicateToken ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtMapViewOfSection ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenThreadTokenEx ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryLicenseValue ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtReleaseMutant ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetValueKey ntdll.dll!NtTestAlert ntdll.dll!NtWaitForSingleObject ntdll.dll!NtWriteFile UNKNOWN
Process Manipulation Evasion	ReadProcessMemory

Shell Command Execution


							"jre-x64\bin\javaw.exe" -XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=15 -jar "8c25a120e030a3bc797d8823b2bfe587ab52e913_0004749446"


							"jre-x86\bin\javaw.exe" -XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=15 -jar "8c25a120e030a3bc797d8823b2bfe587ab52e913_0004749446"


							"javaw" -XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=15 -jar "8c25a120e030a3bc797d8823b2bfe587ab52e913_0004749446"


							(NULL) https://aka.ms/download-jdk/microsoft-jdk-17-windows-x64.msi

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Adware.AdLoad.DG

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

PUP.NetworkUpdate

Guardbox

Actarpluctess.com

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen