This is a blast from the past.

Copy c:\WINDOWS\system32\cliconfg.exe to a folder of your choosing and execute it.

It will attempt to load a bunch of some very old-school DLLs:

• C:\Windows\System32\DBMSRPCN.DLL
• C:\Windows\System32\DBMSSPXN.DLL
• C:\Windows\System32\DBMSADSN.DLL
• C:\Windows\System32\DBMSVINN.DLL
• C:\Windows\System32\DBMSGNET.DLL
• C:\Windows\System32\DBMSSNET.DLL
• C:\Windows\System32\DBMSQLGC.DLL
• C:\Windows\System32\NTWDBLIB.DLL

The last one on the list is the one that executes code, so placing your payload inside C:\Windows\System32\NTWDBLIB.DLL is a guarantee that it will be executed when you run a copy of c:\WINDOWS\system32\cliconfg.exe from a different location.

I am lazy and am not researching the other ones, but I am sure it is most likely due to a lack of some specific export functions that my test DLLs miss to export that stop the code execution when these earlier DLLs are mapped to memory but not loaded.