Gethostbyname

From aldeid
This page is still a draft. Thank you for your understanding.

Description

gethostbyname performs a DNS lookup on a particular hostname prior to making an IP connection to a remote host. Hostnames that serve as command-and-control (C&C) servers often make good network-based signatures.

Example

The following example shows how gethostbyname can be called:

.text:1000174E                 mov     eax, off_10019040 ; eax = pointer stored at off_10019040
.text:10001753                 add     eax, 0Dh        ; advance 0Dh (13) bytes to the hostname string
.text:10001756                 push    eax             ; name
.text:10001757                 call    ds:gethostbyname
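The following is an added example, not part of the original page: it follows the same pointer arithmetic as the listing (pointer at off_10019040, plus 0Dh) to recover the name argument from a data section, then encodes it as the DNS query name that would appear on the wire for use in a network signature. The section contents, the section base address, the buffer location and the hostname c2.example.test are all constructed for illustration.

```python
import struct

SECTION_VA = 0x10019000   # assumed base address of the constructed data section
PTR_SLOT_VA = 0x10019040  # address the listing labels off_10019040
ARG_OFFSET = 0x0D         # from "add eax, 0Dh"

def build_sample_section():
    """Constructed data: pointer slot -> buffer with 13 filler bytes, then hostname."""
    section = bytearray(0x100)
    buf_va = SECTION_VA + 0x80  # assumed buffer location
    struct.pack_into("<I", section, PTR_SLOT_VA - SECTION_VA, buf_va)
    payload = b"\x41" * ARG_OFFSET + b"c2.example.test\x00"
    section[0x80:0x80 + len(payload)] = payload
    return bytes(section)

def read_cstring(section, va):
    """Read a NUL-terminated ASCII string at virtual address va."""
    start = va - SECTION_VA
    if not 0 <= start < len(section):
        raise ValueError("address outside section")
    end = section.find(b"\x00", start)
    if end == -1:
        raise ValueError("unterminated string")
    return section[start:end].decode("ascii")

def resolve_name_argument(section):
    """Mirror the listing: load the pointer, add 0Dh, treat the result as 'name'."""
    (ptr,) = struct.unpack_from("<I", section, PTR_SLOT_VA - SECTION_VA)
    return read_cstring(section, ptr + ARG_OFFSET)

def split_labels(hostname):
    labels = hostname.rstrip(".").split(".")
    if any(not 1 <= len(label) <= 63 for label in labels):
        raise ValueError("DNS labels must be 1-63 bytes")
    return labels

def dns_qname(hostname):
    """Length-prefixed label encoding used in the DNS question section."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in split_labels(hostname))
    return out + b"\x00"

def content_match(hostname):
    """Same bytes in the |hex|text notation used by Snort/Suricata content options."""
    return "".join("|%02X|%s" % (len(l), l) for l in split_labels(hostname)) + "|00|"

if __name__ == "__main__":
    name = resolve_name_argument(build_sample_section())
    print(name, dns_qname(name), content_match(name))
```

DNS names are case-insensitive, so a signature built from this string should match without regard to case.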