Regsvr32 Malicious DLL

Regsvr32.exe is a command-line program used to register and unregister object linking and embedding controls. It can also be used to specifically bypass process allowlisting. Malicious activity or users may take advantage of this functionality to avoid being detected by endpoint solutions because of allowlists or false positives from Windows using regsvr32.exe for normal operations.