IPHLPAPI.DLL

  • File Path: C:\Windows\SysWOW64\IPHLPAPI.DLL
  • Description: IP Helper API

Hashes

Type Hash
MD5 387D4FF2980F94E2909BB519FF7997A0
SHA1 2D8B5DF6F0152553E691614E6B519522A4645320
SHA256 75E67BABF5102F94FE5F2CCDBEFCB2D0B5889C7997F3A0516B8E97E9149573BF
SHA384 EA84A9072D485D475ED446D99E1502EC8063681A5F87036F4F41C7C2E4561A2CCCA288A10FBCD1A294A926FF323BCF59
SHA512 CD47CD3AC8391E14D44537267A502C8A02395050822281A21A89743546EDD6A53401041CD734B3087397188D1BD1D0FA8CF5D68B6537FF296F05AD9D15B8E003
SSDEEP 3072:DvkD2uh1lBgywOYRjteymVk6iLORKmaW/iprP9kkxyEiYY9BS0X:za2uh19wpQ5QLODviZP9hsEiV90
IMP E78CCE9DD51B6DF71895888C3CD7480A
PESHA1 4DF324D5F26EFEF4D12F862F7AAA42453543471D
PE256 209CFB92E31CF93A208265994B58B712B2220794E4E09BC499CF0EDE5C381BDE

DLL Exports:

Function Name Ordinal Type
InternalGetAnycastIpAddressEntry 178 Exported Function
InternalGetAnycastIpAddressTable 179 Exported Function
InternalDeleteUnicastIpAddressEntry 176 Exported Function
InternalFindInterfaceByAddress 177 Exported Function
InternalGetBoundTcp6EndpointTable 180 Exported Function
InternalGetIfEntry2 184 Exported Function
InternalGetIfTable 186 Exported Function
InternalGetBoundTcpEndpointTable 181 Exported Function
InternalGetForwardIpTable2 182 Exported Function
InternalCreateOrRefIpForwardEntry2 169 Exported Function
InternalCreateUnicastIpAddressEntry 170 Exported Function
InternalCreateIpNetEntry 168 Exported Function
InternalCreateIpNetEntry2 167 Exported Function
InternalDeleteAnycastIpAddressEntry 171 Exported Function
InternalDeleteIpNetEntry 175 Exported Function
InternalDeleteIpNetEntry2 174 Exported Function
InternalDeleteIpForwardEntry 173 Exported Function
InternalDeleteIpForwardEntry2 172 Exported Function
InternalGetIfTable2 185 Exported Function
InternalGetRtcSlotInformation 197 Exported Function
InternalGetTcp6Table2 198 Exported Function
InternalGetMulticastIpAddressEntry 195 Exported Function
InternalGetMulticastIpAddressTable 196 Exported Function
InternalGetTcp6TableWithOwnerModule 199 Exported Function
InternalGetTcpTable2 201 Exported Function
InternalGetTcpTableEx 203 Exported Function
InternalGetTcp6TableWithOwnerPid 200 Exported Function
InternalGetTcpTable 202 Exported Function
InternalGetIpForwardTable 189 Exported Function
InternalGetIpInterfaceEntry 190 Exported Function
InternalGetIpAddrTable 187 Exported Function
InternalGetIpForwardEntry2 188 Exported Function
InternalGetIpInterfaceTable 191 Exported Function
InternalGetIpNetTable2 193 Exported Function
InternalGetIPPhysicalInterfaceForDestination 183 Exported Function
InternalGetIpNetEntry2 192 Exported Function
InternalGetIpNetTable 194 Exported Function
GetUdpStatisticsEx 144 Exported Function
GetUdpStatisticsEx2 143 Exported Function
GetUdp6Table 141 Exported Function
GetUdpStatistics 142 Exported Function
GetUdpTable 145 Exported Function
GetUniDirectionalAdapterInfo 146 Exported Function
GetWPAOACSupportLevel 149 Exported Function
GetUnicastIpAddressEntry 147 Exported Function
GetUnicastIpAddressTable 148 Exported Function
GetTcp6Table2 133 Exported Function
GetTcpStatistics 135 Exported Function
GetSessionCompartmentId 132 Exported Function
GetTcp6Table 134 Exported Function
GetTcpStatisticsEx 137 Exported Function
GetTcpTable2 138 Exported Function
GetTeredoPort 140 Exported Function
GetTcpStatisticsEx2 136 Exported Function
GetTcpTable 139 Exported Function
Icmp6CreateFile 150 Exported Function
InitializeIpForwardEntry 160 Exported Function
InitializeIpInterfaceEntry 161 Exported Function
if_nametoindex 296 Exported Function
InitializeCompartmentEntry 159 Exported Function
InitializeUnicastIpAddressEntry 162 Exported Function
InternalCreateIpForwardEntry 166 Exported Function
InternalCreateIpForwardEntry2 165 Exported Function
InternalCleanupPersistentStore 163 Exported Function
InternalCreateAnycastIpAddressEntry 164 Exported Function
IcmpCloseHandle 153 Exported Function
IcmpCreateFile 154 Exported Function
Icmp6ParseReplies 151 Exported Function
Icmp6SendEcho2 152 Exported Function
IcmpParseReplies 155 Exported Function
IcmpSendEcho2Ex 157 Exported Function
if_indextoname 295 Exported Function
IcmpSendEcho 158 Exported Function
IcmpSendEcho2 156 Exported Function
RestoreMediaSense 267 Exported Function
SendARP 268 Exported Function
ResolveIpNetEntry2 265 Exported Function
ResolveNeighbor 266 Exported Function
SetAdapterIpAddress 269 Exported Function
SetDnsSettings 272 Exported Function
SetIfEntry 273 Exported Function
SetCurrentThreadCompartmentId 270 Exported Function
SetCurrentThreadCompartmentScope 271 Exported Function
NotifyTeredoPortChange 245 Exported Function
NotifyUnicastIpAddressChange 246 Exported Function
NotifyRouteChange2 242 Exported Function
NotifyStableUnicastIpAddressTable 244 Exported Function
NTPTimeToNTFileTime 230 Exported Function
ParseNetworkString 248 Exported Function
register_icmp 297 Exported Function
NTTimeToNTPTime 231 Exported Function
OpenCompartment 247 Exported Function
SetInterfaceDnsSettings 274 Exported Function
SetPerTcp6ConnectionStats 286 Exported Function
SetPerTcpConnectionEStats 287 Exported Function
SetNetworkInformation 284 Exported Function
SetPerTcp6ConnectionEStats 285 Exported Function
SetPerTcpConnectionStats 288 Exported Function
SetUnicastIpAddressEntry 291 Exported Function
UnenableRouter 292 Exported Function
SetSessionCompartmentId 289 Exported Function
SetTcpEntry 290 Exported Function
SetIpInterfaceEntry 277 Exported Function
SetIpNetEntry 279 Exported Function
SetIpForwardEntry 276 Exported Function
SetIpForwardEntry2 275 Exported Function
SetIpNetEntry2 278 Exported Function
SetIpTTL 282 Exported Function
SetJobCompartmentId 283 Exported Function
SetIpStatistics 280 Exported Function
SetIpStatisticsEx 281 Exported Function
InternalIcmpCreateFileEx 215 Exported Function
InternalSetIfEntry 216 Exported Function
InternalGetUnicastIpAddressEntry 213 Exported Function
InternalGetUnicastIpAddressTable 214 Exported Function
InternalSetIpForwardEntry 218 Exported Function
InternalSetIpNetEntry 221 Exported Function
InternalSetIpNetEntry2 220 Exported Function
InternalSetIpForwardEntry2 217 Exported Function
InternalSetIpInterfaceEntry 219 Exported Function
InternalGetTunnelPhysicalAdapter 206 Exported Function
InternalGetUdp6TableWithOwnerModule 207 Exported Function
InternalGetTcpTableWithOwnerModule 204 Exported Function
InternalGetTcpTableWithOwnerPid 205 Exported Function
InternalGetUdp6TableWithOwnerPid 208 Exported Function
InternalGetUdpTableWithOwnerModule 211 Exported Function
InternalGetUdpTableWithOwnerPid 212 Exported Function
InternalGetUdpTable 209 Exported Function
InternalGetUdpTableEx 210 Exported Function
InternalSetIpStats 222 Exported Function
NhpAllocateAndGetInterfaceInfoFromStack 236 Exported Function
NotifyAddrChange 237 Exported Function
NhGetInterfaceNameFromDeviceGuid 234 Exported Function
NhGetInterfaceNameFromGuid 235 Exported Function
NotifyCompartmentChange 238 Exported Function
NotifyNetworkConnectivityHintChange 241 Exported Function
NotifyRouteChange 243 Exported Function
NotifyIfTimestampConfigChange 239 Exported Function
NotifyIpInterfaceChange 240 Exported Function
InternalSetUnicastIpAddressEntry 225 Exported Function
IpReleaseAddress 226 Exported Function
InternalSetTcpEntry 223 Exported Function
InternalSetTeredoPort 224 Exported Function
IpRenewAddress 227 Exported Function
NhGetGuidFromInterfaceName 232 Exported Function
NhGetInterfaceDescriptionFromGuid 233 Exported Function
LookupPersistentTcpPortReservation 228 Exported Function
LookupPersistentUdpPortReservation 229 Exported Function
GetRTTAndHopCount 131 Exported Function
ConvertStringToGuidA 33 Exported Function
ConvertStringToGuidW 34 Exported Function
ConvertRemoteInterfaceLuidToGuid 31 Exported Function
ConvertRemoteInterfaceLuidToIndex 32 Exported Function
ConvertStringToInterfacePhysicalAddress 35 Exported Function
CreateIpForwardEntry 39 Exported Function
CreateIpForwardEntry2 38 Exported Function
CreateAnycastIpAddressEntry 36 Exported Function
CreateCompartment 37 Exported Function
ConvertInterfacePhysicalAddressToLuid 24 Exported Function
ConvertIpv4MaskToLength 25 Exported Function
ConvertInterfaceNameToLuidA 22 Exported Function
ConvertInterfaceNameToLuidW 23 Exported Function
ConvertLengthToIpv4Mask 26 Exported Function
ConvertRemoteInterfaceIndexToLuid 29 Exported Function
ConvertRemoteInterfaceLuidToAlias 30 Exported Function
ConvertRemoteInterfaceAliasToLuid 27 Exported Function
ConvertRemoteInterfaceGuidToLuid 28 Exported Function
CreateIpNetEntry 41 Exported Function
DeleteIpNetEntry 53 Exported Function
DeleteIpNetEntry2 52 Exported Function
DeleteIpForwardEntry 51 Exported Function
DeleteIpForwardEntry2 50 Exported Function
DeletePersistentTcpPortReservation 54 Exported Function
DeleteUnicastIpAddressEntry 57 Exported Function
DisableMediaSense 58 Exported Function
DeletePersistentUdpPortReservation 55 Exported Function
DeleteProxyArpEntry 56 Exported Function
CreatePersistentUdpPortReservation 43 Exported Function
CreateProxyArpEntry 44 Exported Function
CreateIpNetEntry2 40 Exported Function
CreatePersistentTcpPortReservation 42 Exported Function
CreateSortedAddressPairs 45 Exported Function
DeleteCompartment 48 Exported Function
DeleteIPAddress 49 Exported Function
CreateUnicastIpAddressEntry 46 Exported Function
DeleteAnycastIpAddressEntry 47 Exported Function
_PfRemoveFiltersFromInterface@20 260 Exported Function
_PfRemoveGlobalFilterFromInterface@8 261 Exported Function
_PfRebindFilters@8 258 Exported Function
_PfRemoveFilterHandles@12 259 Exported Function
_PfSetLogBuffer@28 262 Exported Function
AddIPAddress 1 Exported Function
AllocateAndGetInterfaceInfoFromStack 2 Exported Function
_PfTestPacket@20 263 Exported Function
_PfUnBindInterface@4 264 Exported Function
_PfBindInterfaceToIndex@16 252 Exported Function
_PfBindInterfaceToIPAddress@12 251 Exported Function
_PfAddFiltersToInterface@24 249 Exported Function
_PfAddGlobalFilterToInterface@8 250 Exported Function
_PfCreateInterface@24 253 Exported Function
_PfGetInterfaceStatistics@16 256 Exported Function
_PfMakeLog@4 257 Exported Function
_PfDeleteInterface@4 254 Exported Function
_PfDeleteLog@0 255 Exported Function
AllocateAndGetIpAddrTableFromStack 3 Exported Function
ConvertInterfaceGuidToLuid 15 Exported Function
ConvertInterfaceIndexToLuid 16 Exported Function
ConvertGuidToStringW 13 Exported Function
ConvertInterfaceAliasToLuid 14 Exported Function
ConvertInterfaceLuidToAlias 17 Exported Function
ConvertInterfaceLuidToNameA 20 Exported Function
ConvertInterfaceLuidToNameW 21 Exported Function
ConvertInterfaceLuidToGuid 18 Exported Function
ConvertInterfaceLuidToIndex 19 Exported Function
CancelMibChangeNotify2 6 Exported Function
CaptureInterfaceHardwareCrossTimestamp 7 Exported Function
CancelIfTimestampConfigChange 5 Exported Function
CancelIPChangeNotify 4 Exported Function
CloseCompartment 8 Exported Function
ConvertCompartmentIdToGuid 11 Exported Function
ConvertGuidToStringA 12 Exported Function
CloseGetIPPhysicalInterfaceForDestination 9 Exported Function
ConvertCompartmentGuidToId 10 Exported Function
GetIpNetEntry2 105 Exported Function
GetIpNetTable 107 Exported Function
GetIpInterfaceEntry 103 Exported Function
GetIpInterfaceTable 104 Exported Function
GetIpNetTable2 106 Exported Function
GetIpPathTable 110 Exported Function
GetIpStatistics 111 Exported Function
GetIpNetworkConnectionBandwidthEstimates 108 Exported Function
GetIpPathEntry 109 Exported Function
GetInterfaceInfo 96 Exported Function
GetInvertedIfStackTable 97 Exported Function
GetInterfaceDnsSettings 94 Exported Function
GetInterfaceHardwareTimestampCapabilities 95 Exported Function
GetIpAddrTable 98 Exported Function
GetIpForwardTable 102 Exported Function
GetIpForwardTable2 101 Exported Function
GetIpErrorString 99 Exported Function
GetIpForwardEntry2 100 Exported Function
GetIpStatisticsEx 112 Exported Function
GetOwnerModuleFromUdp6Entry 124 Exported Function
GetOwnerModuleFromUdpEntry 125 Exported Function
GetOwnerModuleFromTcp6Entry 122 Exported Function
GetOwnerModuleFromTcpEntry 123 Exported Function
GetPerAdapterInfo 126 Exported Function
GetPerTcpConnectionEStats 129 Exported Function
GetPerTcpConnectionStats 130 Exported Function
GetPerTcp6ConnectionEStats 127 Exported Function
GetPerTcp6ConnectionStats 128 Exported Function
GetMulticastIpAddressTable 115 Exported Function
GetNetworkConnectivityHint 116 Exported Function
GetJobCompartmentId 113 Exported Function
GetMulticastIpAddressEntry 114 Exported Function
GetNetworkConnectivityHintForInterface 117 Exported Function
GetNumberOfInterfaces 120 Exported Function
GetOwnerModuleFromPidAndInfo 121 Exported Function
GetNetworkInformation 118 Exported Function
GetNetworkParams 119 Exported Function
GetAdaptersAddresses 68 Exported Function
GetAdaptersInfo 69 Exported Function
GetAdapterIndex 66 Exported Function
GetAdapterOrderMap 67 Exported Function
GetAnycastIpAddressEntry 70 Exported Function
GetBestInterfaceEx 73 Exported Function
GetBestRoute 75 Exported Function
GetAnycastIpAddressTable 71 Exported Function
GetBestInterface 72 Exported Function
EnableRouter 59 Exported Function
FlushIpNetTable 61 Exported Function
do_echo_rep 293 Exported Function
do_echo_req 294 Exported Function
FlushIpNetTable2 60 Exported Function
FreeInterfaceDnsSettings 64 Exported Function
FreeMibTable 65 Exported Function
FlushIpPathTable 62 Exported Function
FreeDnsSettings 63 Exported Function
GetBestRoute2 74 Exported Function
GetIfEntry2Ex 86 Exported Function
GetIfStackTable 88 Exported Function
GetIfEntry 87 Exported Function
GetIfEntry2 85 Exported Function
GetIfTable 91 Exported Function
GetInterfaceCompartmentId 92 Exported Function
GetInterfaceCurrentTimestampCapabilities 93 Exported Function
GetIfTable2 89 Exported Function
GetIfTable2Ex 90 Exported Function
GetDefaultCompartmentId 78 Exported Function
GetDnsSettings 79 Exported Function
GetCurrentThreadCompartmentId 76 Exported Function
GetCurrentThreadCompartmentScope 77 Exported Function
GetExtendedTcpTable 80 Exported Function
GetIcmpStatistics 83 Exported Function
GetIcmpStatisticsEx 84 Exported Function
GetExtendedUdpTable 81 Exported Function
GetFriendlyIfIndex 82 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: iphlpapi.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.488 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.488
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/61
  • VirusTotal Link: https://www.virustotal.com/gui/file/75e67babf5102f94fe5f2ccdbefcb2d0b5889c7997f3a0516b8e97e9149573bf/detection/

Possible Misuse

The following table contains possible examples of IPHLPAPI.DLL being misused. While IPHLPAPI.DLL is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base apt_codoso.yar $s6 = “iphlpapi.dll” ascii CC BY-NC 4.0
signature-base apt_uboat_rat.yar $s7 = “IPHLPAPI.DLL” ascii CC BY-NC 4.0
signature-base thor-hacktools.yar $s0 = “iphlpapi.DLL” fullword ascii CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.