Class: Dialer
This type of program stealthily creates telephone connections via a modem and is not a malicious program. If a user has installed such a program on his/her computer, or if it was installed by a system administrator, then it does not pose any threat.
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.
Family: E-Group
No family description
Examples
5C62AE30303BEB87C562639AD4C099811C6A14BF64B833A4BA74E999D2D3B06E
A54F1AE90BB669B7DCC697FD3B26E7EA
DC3048D61DC8AA3C9F238B6C0C07BABD
432C45429A1EAAC14DAFB818482FB85E
Tactics and Techniques: Mitre*
TA0005
Defense Evasion
T1218.010
Regsvr32
Adversaries may abuse Regsvr32.exe to proxy execution of malicious code. Regsvr32.exe is a command-line program used to register and unregister object linking and embedding controls, including dynamic link libraries (DLLs), on Windows systems. The Regsvr32.exe binary may also be signed by Microsoft.
* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.