dnsapi.dll

  • File Path: C:\Windows\system32\dnsapi.dll
  • Description: DNS Client API DLL

Hashes

Type Hash
MD5 403BAB9BFBDD33E52451F59FE02629C1
SHA1 8EBE44527723C6773619AE7E7EE150835C3A7D26
SHA256 26B49242879CABD209A5B314A196672FE25E22CA5288C03AA0944D6F235810D5
SHA384 021D516FCD70E9341AE659B3E6A5F5C9BCB79075837B35B7FC19A1A186E1B4A3B951397E75797EB7F36936A141144037
SHA512 90097BD49DD2AAFF99329E42406E47A76CB6F167913B6DF002769CDFD0CB854F6A12B23777C3AE57684CBA9E5C37ACFBC3B43E279581B6F30152B272B575EC11
SSDEEP 12288:hvpnIz4jtuv1I4/GZnd15nxthWo2Kkc4oZyOB6jHOEWzWnoGJSG9aM/wXaCxzfNk:FoI4/Kd15rhWoT4oMK6L1noGJbwLBVk
IMP 774A00D28C195928DB9DA4B638C79D07
PESHA1 1824CABAAA1F38E6E78CA149A7CCD2497F06AE87
PE256 0AD8365D46901866FBDEE0A384703EC650CD3B6795670EB6ABE1B4E066598800

DLL Exports:

Function Name Ordinal Type
DnsServiceCopyInstance 153 Exported Function
DnsServiceDeRegister 154 Exported Function
DnsServiceBrowseCancel 151 Exported Function
DnsServiceConstructInstance 152 Exported Function
DnsServiceFreeInstance 155 Exported Function
DnsServiceResolve 158 Exported Function
DnsServiceResolveCancel 159 Exported Function
DnsServiceRegister 156 Exported Function
DnsServiceRegisterCancel 157 Exported Function
DnsReplaceRecordSetUTF8 144 Exported Function
DnsReplaceRecordSetW 145 Exported Function
DnsRemoveRegistrations 142 Exported Function
DnsReplaceRecordSetA 143 Exported Function
DnsResetQueryRetryTimeouts 146 Exported Function
DnsScreenLocalAddrsForRegistration 149 Exported Function
DnsServiceBrowse 150 Exported Function
DnsResolverOp 147 Exported Function
DnsResolverQueryHvsi 148 Exported Function
DnsTraceServerConfig 171 Exported Function
DnsUnicodeToUtf8 172 Exported Function
DnsStopMulticastQuery 169 Exported Function
DnsStringCopyAllocateEx 170 Exported Function
DnsUpdate 173 Exported Function
DnsUpdateTest_UTF8 176 Exported Function
DnsUpdateTest_W 177 Exported Function
DnsUpdateMachinePresence 174 Exported Function
DnsUpdateTest_A 175 Exported Function
DnsSetInterfaceSettings 162 Exported Function
DnsSetNrptRule 163 Exported Function
DnsSetConfigDword 160 Exported Function
DnsSetConfigValue 161 Exported Function
DnsSetNrptRules 164 Exported Function
DnsStartMulticastQuery 167 Exported Function
DnsStatusString 168 Exported Function
DnsSetQueryRetryTimeouts 165 Exported Function
DnsSetSettings 166 Exported Function
DnsQuery_A 124 Exported Function
DnsQuery_UTF8 125 Exported Function
DnsNotifyResolverClusterIp 115 Exported Function
DnsNotifyResolverEx 116 Exported Function
DnsQuery_W 126 Exported Function
DnsQueryConfigDword 119 Exported Function
DnsQueryEx 120 Exported Function
DnsQueryConfig 117 Exported Function
DnsQueryConfigAllocEx 118 Exported Function
DnsNameCompareEx_UTF8 105 Exported Function
DnsNameCompareEx_W 106 Exported Function
DnsNameCompare_W 109 Exported Function
DnsNameCompareEx_A 104 Exported Function
DnsNameCopy 110 Exported Function
DnsNetworkInformation_CreateFromFAZ 113 Exported Function
DnsNotifyResolver 114 Exported Function
DnsNameCopyAllocate 111 Exported Function
DnsNetworkInfo_CreateFromFAZ 112 Exported Function
DnsRecordSetDetach 135 Exported Function
DnsRecordStringForType 136 Exported Function
DnsRecordSetCompare 133 Exported Function
DnsRecordSetCopyEx 134 Exported Function
DnsRecordStringForWritableType 137 Exported Function
DnsReleaseContextHandle 140 Exported Function
DnsRemoveNrptRule 141 Exported Function
DnsRecordTypeForName 138 Exported Function
DnsRegisterLocal 139 Exported Function
DnsQueryExW 123 Exported Function
DnsRecordBuild_UTF8 127 Exported Function
DnsQueryExA 121 Exported Function
DnsQueryExUTF8 122 Exported Function
DnsRecordBuild_W 128 Exported Function
DnsRecordListFree 131 Exported Function
DnsRecordListUnmapV4MappedAAAAInPlace 132 Exported Function
DnsRecordCompare 129 Exported Function
DnsRecordCopyEx 130 Exported Function
Security_ContextListTimeout 265 Exported Function
Send_AndRecvUdpWithParam 266 Exported Function
Reg_ReadGlobalsEx 263 Exported Function
Reg_ReadUpdateInfo 264 Exported Function
Send_MessagePrivate 267 Exported Function
Socket_CacheCleanup 270 Exported Function
Socket_CacheInit 271 Exported Function
Send_MessagePrivateEx 268 Exported Function
Send_OpenTcpConnectionAndSend 269 Exported Function
NetInfo_UpdateNetworkProperties 256 Exported Function
NetInfo_UpdateServerReachability 257 Exported Function
NetInfo_ResetServerPriorities 254 Exported Function
NetInfo_UpdateDnsInterfaceConfigChange 255 Exported Function
Query_Cancel 259 Exported Function
Reg_FreeUpdateInfo 261 Exported Function
Reg_GetValueEx 262 Exported Function
Query_Main 260 Exported Function
QueryDirectEx 258 Exported Function
Socket_SetTtl 283 Exported Function
Socket_TcpListen 284 Exported Function
Socket_SetMulticastInterface 281 Exported Function
Socket_SetMulticastLoopBack 282 Exported Function
Trace_Reset 285 Exported Function
Util_IsRunningOnXboxOne 288 Exported Function
WriteDnsNrptRulesToRegistry 289 Exported Function
Update_ReplaceAddressRecordsW 286 Exported Function
Util_IsIp6Running 287 Exported Function
Socket_CloseEx 274 Exported Function
Socket_CloseMessageSockets 275 Exported Function
Socket_CleanupWinsock 272 Exported Function
Socket_ClearMessageSockets 273 Exported Function
Socket_Create 276 Exported Function
Socket_JoinMulticast 279 Exported Function
Socket_RecvFrom 280 Exported Function
Socket_CreateMulticast 277 Exported Function
Socket_InitWinsock 278 Exported Function
DnsWriteQuestionToBuffer_UTF8 189 Exported Function
DnsWriteQuestionToBuffer_W 190 Exported Function
DnsValidateServerStatus 185 Exported Function
DnsValidateUtf8Byte 188 Exported Function
DnsWriteReverseNameStringForIpAddress 191 Exported Function
FlushDnsPolicyUnreachableStatus 234 Exported Function
GetCurrentTimeInSeconds 235 Exported Function
ExtraInfo_Init 232 Exported Function
Faz_AreServerListsInSameNameSpace 233 Exported Function
DnsValidateName_UTF8 181 Exported Function
DnsValidateName_W 182 Exported Function
DnsUtf8ToUnicode 178 Exported Function
DnsValidateName_A 180 Exported Function
DnsValidateNameOrIp_TempW 179 Exported Function
DnsValidateServerArray_A 183 Exported Function
DnsValidateServerArray_W 184 Exported Function
DnsValidateServer_A 186 Exported Function
DnsValidateServer_W 187 Exported Function
NetInfo_Free 247 Exported Function
NetInfo_GetAdapterByAddress 248 Exported Function
NetInfo_CopyNetworkIndex 245 Exported Function
NetInfo_CreatePerNetworkNetinfo 246 Exported Function
NetInfo_GetAdapterByInterfaceIndex 249 Exported Function
NetInfo_IsForUpdate 252 Exported Function
NetInfo_IsTcpipConfigChange 253 Exported Function
NetInfo_GetAdapterByName 250 Exported Function
NetInfo_IsAddrConfig 251 Exported Function
HostsFile_ReadLine 238 Exported Function
IpHelp_IsAddrOnLink 239 Exported Function
HostsFile_Close 236 Exported Function
HostsFile_Open 237 Exported Function
Local_GetRecordsForLocalName 240 Exported Function
NetInfo_Clean 243 Exported Function
NetInfo_Copy 244 Exported Function
Local_GetRecordsForLocalNameEx 241 Exported Function
NetInfo_Build 242 Exported Function
DnsNameCompare_UTF8 108 Exported Function
Dns_WriteRecordStructureToPacketEx 231 Exported Function
DnsAcquireContextHandle_A 9 Exported Function
Dns_WriteDottedNameToPacket 229 Exported Function
Dns_WriteQuestionToMessage 230 Exported Function
DnsAcquireContextHandle_W 10 Exported Function
DnsApiAllocZero 13 Exported Function
DnsApiFree 14 Exported Function
DnsAllocateRecord 11 Exported Function
DnsApiAlloc 12 Exported Function
Dns_SetRecordDatalength 222 Exported Function
Dns_SetRecordsSection 223 Exported Function
Dns_SendAndRecvUdp 220 Exported Function
Dns_SendEx 221 Exported Function
Dns_SetRecordsTtl 224 Exported Function
Dns_UpdateLib 227 Exported Function
Dns_UpdateLibEx 228 Exported Function
Dns_SkipPacketName 225 Exported Function
Dns_SkipToRecord 226 Exported Function
DnsConnectionDeletePolicyEntriesPrivate 26 Exported Function
DnsConnectionDeleteProxyInfo 27 Exported Function
DnsCleanupTcpConnections 24 Exported Function
DnsConnectionDeletePolicyEntries 25 Exported Function
DnsConnectionFreeNameList 28 Exported Function
DnsConnectionFreeProxyList 31 Exported Function
DnsConnectionGetHandleForHostUrlPrivate 32 Exported Function
DnsConnectionFreeProxyInfo 29 Exported Function
DnsConnectionFreeProxyInfoEx 30 Exported Function
DnsApiSetDebugGlobals 17 Exported Function
DnsAsyncRegisterHostAddrs 18 Exported Function
DnsApiHeapReset 15 Exported Function
DnsApiRealloc 16 Exported Function
DnsAsyncRegisterInit 19 Exported Function
DnsCheckNrptRuleIntegrity 22 Exported Function
DnsCheckNrptRules 23 Exported Function
DnsAsyncRegisterTerm 20 Exported Function
DnsCancelQuery 21 Exported Function
Dns_CacheServiceCleanup 195 Exported Function
Dns_CacheServiceInit 196 Exported Function
Dns_AllocateMsgBuf 193 Exported Function
Dns_BuildPacket 194 Exported Function
Dns_CacheServiceStopIssued 197 Exported Function
Dns_CloseSocket 200 Exported Function
Dns_CreateMulticastSocket 201 Exported Function
Dns_CleanupWinsock 198 Exported Function
Dns_CloseConnection 199 Exported Function
AddRefQueryBlobEx 3 Exported Function
BreakRecordsIntoBlob 4 Exported Function
AdaptiveTimeout_ClearInterfaceSpecificConfiguration 1 Exported Function
AdaptiveTimeout_ResetAdaptiveTimeout 2 Exported Function
Coalesce_UpdateNetVersion 5 Exported Function
DeRefQueryBlobEx 7 Exported Function
Dns_AddRecordsToMessage 192 Exported Function
CombineRecordsInBlob 6 Exported Function
DelaySortDAServerlist 8 Exported Function
Dns_ParsePacketRecord 213 Exported Function
Dns_PingAdapterServers 214 Exported Function
Dns_OpenTcpConnectionAndSend 211 Exported Function
Dns_ParseMessage 212 Exported Function
Dns_ReadPacketName 215 Exported Function
Dns_RecvTcp 218 Exported Function
Dns_ResetNetworkInfo 219 Exported Function
Dns_ReadPacketNameAllocate 216 Exported Function
Dns_ReadRecordStructureFromPacket 217 Exported Function
Dns_ExtractRecordsFromMessage 204 Exported Function
Dns_FindAuthoritativeZoneLib 205 Exported Function
Dns_CreateSocket 202 Exported Function
Dns_CreateSocketEx 203 Exported Function
Dns_FreeMsgBuf 206 Exported Function
Dns_InitializeMsgRemoteSockaddr 209 Exported Function
Dns_InitializeWinsock 210 Exported Function
Dns_GetRandomXid 207 Exported Function
Dns_InitializeMsgBuf 208 Exported Function
DnsGetDnsServerList 80 Exported Function
DnsGetDomainName 81 Exported Function
DnsGetCacheDataTable 78 Exported Function
DnsGetCacheDataTableEx 79 Exported Function
DnsGetInterfaceSettings 82 Exported Function
DnsGetPolicyTableInfo 85 Exported Function
DnsGetPolicyTableInfoPrivate 86 Exported Function
DnsGetLastFailedUpdateInfo 83 Exported Function
DnsGetNrptRuleNamesList 84 Exported Function
DnsFreeNrptRule 71 Exported Function
DnsFreeNrptRuleNamesList 72 Exported Function
DnsFreeAdaptersInfo 69 Exported Function
DnsFreeConfigStructure 70 Exported Function
DnsFreePolicyConfig 73 Exported Function
DnsGetApplicationIdentifier 76 Exported Function
DnsGetBufferLengthForStringCopy 77 Exported Function
DnsFreeProxyName 74 Exported Function
DnsGetAdaptersInfo 75 Exported Function
DnsIsStringCountValidForTextType 98 Exported Function
DnsLogEvent 99 Exported Function
DnsIsNSECType 96 Exported Function
DnsIsStatusRcode 97 Exported Function
DnsMapRcodeToStatus 100 Exported Function
DnsModifyRecordsInSet_W 103 Exported Function
DnsNameCompare_A 107 Exported Function
DnsModifyRecordsInSet_A 101 Exported Function
DnsModifyRecordsInSet_UTF8 102 Exported Function
DnsGetProxyInformation 89 Exported Function
DnsGetQueryRetryTimeouts 90 Exported Function
DnsGetPrimaryDomainName_A 87 Exported Function
DnsGetProxyInfoPrivate 88 Exported Function
DnsGetSettings 91 Exported Function
DnsIpv6StringToAddress 94 Exported Function
DnsIsAMailboxType 95 Exported Function
DnsGlobals 92 Exported Function
DnsIpv6AddressToString 93 Exported Function
DnsCreateStringCopy 44 Exported Function
DnsDeRegisterLocal 45 Exported Function
DnsCreateReverseNameStringForIpAddress 42 Exported Function
DnsCreateStandardDnsNameCopy 43 Exported Function
DnsDhcpRegisterAddrs 46 Exported Function
DnsDhcpRegisterTerm 49 Exported Function
DnsDhcpRemoveRegistrations 50 Exported Function
DnsDhcpRegisterHostAddrs 47 Exported Function
DnsDhcpRegisterInit 48 Exported Function
DnsConnectionGetProxyInfoForHostUrl 35 Exported Function
DnsConnectionGetProxyList 36 Exported Function
DnsConnectionGetNameList 33 Exported Function
DnsConnectionGetProxyInfo 34 Exported Function
DnsConnectionSetPolicyEntries 37 Exported Function
DnsConnectionUpdateIfIndexTable 40 Exported Function
DnsCopyStringEx 41 Exported Function
DnsConnectionSetPolicyEntriesPrivate 38 Exported Function
DnsConnectionSetProxyInfo 39 Exported Function
DnsExtractRecordsFromMessage_W 62 Exported Function
DnsFindAuthoritativeZone 63 Exported Function
DnsDowncaseDnsNameLabel 60 Exported Function
DnsExtractRecordsFromMessage_UTF8 61 Exported Function
DnsFlushResolverCache 64 Exported Function
DnsFlushResolverCacheEntry_W 67 Exported Function
DnsFree 68 Exported Function
DnsFlushResolverCacheEntry_A 65 Exported Function
DnsFlushResolverCacheEntry_UTF8 66 Exported Function
DnsDhcpSrvRegisterHostName 53 Exported Function
DnsDhcpSrvRegisterHostNameEx 54 Exported Function
DnsDhcpSrvRegisterHostAddr 51 Exported Function
DnsDhcpSrvRegisterHostAddrEx 52 Exported Function
DnsDhcpSrvRegisterInit 55 Exported Function
DnsDhcpSrvRegisterTerm 58 Exported Function
DnsDisableIdnEncoding 59 Exported Function
DnsDhcpSrvRegisterInitEx 56 Exported Function
DnsDhcpSrvRegisterInitialize 57 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: dnsapi
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/67
  • VirusTotal Link: https://www.virustotal.com/gui/file/26b49242879cabd209a5b314a196672fe25e22ca5288c03aa0944d6f235810d5/detection/

Possible Misuse

The following table contains possible examples of dnsapi.dll being misused. While dnsapi.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc rtm dnsapi.dll © ESET 2014-2018
signature-base apt_codoso.yar $s1 = “DnsApi.dll” fullword ascii CC BY-NC 4.0
signature-base gen_excel_xll_addin_suspicious.yar or (pe.imports(“DNSAPI.dll”, “DnsQuery_A”) or pe.imports(“DNSAPI.dll”, “DnsQuery_W”)) CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.