Dynamic-Link Library
A DLL is a Windows shared code library that programs load at runtime. Attackers abuse the loading mechanism through DLL injection, search-order hijacking, and sideloading to run malicious code inside a trusted process, often evading detection because the host application is legitimate. These techniques are staples of malware persistence and privilege escalation, which is why defenders monitor unusual module loads.