WMI.DCERPC_Execute.Method.Request.StdRegProv.Class

description-logo Description

This indicates detection of a WMI Execute Method Request calling StdRegProv class.
Windows Management Instrumentation (WMI) is a suite of tools for managing data and operations on Windows-based operating systems. WMI is the Microsoft implementation of the Web-based Enterprise Management (WBEM) standard. Users can write WMI scripts to automate administrative tasks on remote computers.
StdRegProv class is used to modify Windows Registry.

affected-products-logoAffected Products

Windows-based operating systems

Impact logoImpact

Unexpected network communication

Technology

Browser-Based, Network-Protocol, Client-Server, Peer-to-Peer, Cloud-Based, Mobile-Device

Behavior

  • Other

Application Dependencies

Default Ports

  • TCP/135