WMI.DCERPC_Execute.Method.Request.StdRegProv.Class
Description
This indicates detection of a WMI Execute Method Request calling StdRegProv class.Windows Management Instrumentation (WMI) is a suite of tools for managing data and operations on Windows-based operating systems. WMI is the Microsoft implementation of the Web-based Enterprise Management (WBEM) standard. Users can write WMI scripts to automate administrative tasks on remote computers.
StdRegProv class is used to modify Windows Registry.
Affected Products
Windows-based operating systems
Impact
Unexpected network communication
Technology
Browser-Based, Network-Protocol, Client-Server, Peer-to-Peer, Cloud-Based, Mobile-Device
Behavior
- Other
Application Dependencies
Default Ports
- TCP/135