home

DNSClient.EXE

DNSClient

It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from videos.cctvcamerapros.com.
Product:
DNSClient

Description:
DNSClient Application

Version:
8, 5, 0, 0

MD5:
73bb7f6f2554ceadeef7f88ea0a42b47

SHA-1:
177ebcb20bcba1fa95de30e5df2cd19c37a87686

SHA-256:
0bd0175899664a159b1e420e57e48c1535d8cd8a3096351a3f09621ca17efd62

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 6:44:44 AM UTC  (today)

File size:
439 KB (449,536 bytes)

Product version:
8, 5, 0, 0

Original file name:
DNSClient.EXE

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/22/2011 6:31:51 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:itkljJqcp0EnSsAdNoqI+lKxXruwaoovcDixdEi:SCjJZznSf7oqI+oXtovR

Entry address:
0x38C32

Entry point:
E8, 70, 58, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 51, C7, 01, 70, 93, 45, 00, E8, F3, 58, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 19, EC, FC, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, 2E, 59, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C...
 
[+]

Entropy:
6.2595

Code size:
310.5 KB (317,952 bytes)

Scheduled Task
Task name:
{80371C1C-4D22-4534-8A0D-AF32EECD7996}

Trigger:
Registration (Runs on registration)


The file DNSClient.EXE has been seen being distributed by the following URL.

http://videos.cctvcamerapros.com/specs/.../Geovision-DDNS-Setup.exe

Scan DNSClient.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.