Gridinsoft Logo

The dllhost.exe (COM Surrogate) File Analysis

Updated 18 days ago
Checked by Malware Check
dllhost.exe

Technical Analysis

File Name dllhost.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-21 23:00:27 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
21,312
File Size (bytes)
2025-12-22
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
08eb78e5be019df044c26b14703bd1fa
SHA1
2ce12a317bebf8293f3544433a55d972a5967996
SHA256
e7fc40b41aa8b83841a0b96d169eaf0800aa784733e636935374d56536253f10
SHA512
a2bc4eb15048c182af80192c19147d8871396b1463a8cb9257c80b142698b71a8093c65206847d9e07fcc2fbed0829390908597f617e26ac6523577927836562
ImpHash
cf79fce90fced31836373f3e48251a5d

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x1400014e0
Compilation Time 2098-11-02 01:44:16
Checksum 0x0000bf5f (Actual: 0x0000bf5f)
OS Version 10.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path dllhost.pdb
Digital Signature OK
Imports 15 libraries
Exports 0 functions
Resources 1 Resources
Sections 6 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription COM Surrogate
FileVersion 10.0.19041.546 (WinBuild.160101.0800)
InternalName dllhost.exe
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename dllhost.exe
ProductName Microsoft® Windows® Operating System
ProductVersion 10.0.19041.546
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 4,452 bytes 4,608 bytes 5.67 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ A4F1523B79CFC0EE32B2B0C6D1187077
.rdata 0x00003000 4,394 bytes 4,608 bytes 4.16 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6BD38137ACA4950D2EAE3031CD060579
.data 0x00005000 1,720 bytes 512 bytes 0.37 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE DB11EB632A2EFBEF76BEBD3C951B36A8
.pdata 0x00006000 420 bytes 512 bytes 3.20 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 41E543A890AEDED5A85B5254E1CCE01B
.rsrc 0x00007000 1,000 bytes 1,024 bytes 3.30 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ BE12023BA4CF60A5B01CB7FFDB63E664
.reloc 0x00008000 40 bytes 512 bytes 0.52 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 4C1E1DC0DEF1A4DAFB7DF6B34041E125

Resource Analysis

Total Resources: 1 (904 bytes)
Resource Type Count Total Size Percentage
RT_VERSION 1 904 bytes
100%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description COM Surrogate
File Version 10.0.19041.546 (WinBuild.160101.0800)
Original Name dllhost.exe
Signing Date 06:05 AM 09/26/2020 (1931 days ago)
Verification Status Signed
Signers Microsoft Windows; Microsoft Windows Production PCA 2011; Microsoft Root Certificate Authority 2010
Counter Signers Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Internal Name dllhost.exe
Copyright © Microsoft Corporation. All rights reserved.
Certificate Chain Summary
Microsoft Windows #1 Primary
Validity Period: 2020-03-04 18:30:38 → 2021-03-03 18:30:38
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 02 65 51 AE 1B BD 00 5C BF BD 00 00 00 00 02 65
Microsoft Windows Production PCA 2011 #2 Chain
Validity Period: 2011-10-19 18:41:42 → 2026-10-19 18:51:42
Signature Algorithm: sha256RSA
Serial Number: 61 07 76 56 00 00 00 00 00 08
Microsoft Time-Stamp Service #3 Chain
Validity Period: 2019-12-19 01:15:05 → 2021-03-17 01:15:05
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 2E A8 D2 19 07 93 F4 6B E8 00 00 00 00 01 2E
Microsoft Time-Stamp PCA 2010 #4 Chain
Validity Period: 2010-07-01 21:36:55 → 2025-07-01 21:46:55
Signature Algorithm: sha256RSA
Serial Number: 61 09 81 2A 00 00 00 00 00 02

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware