Microsoft Defender Blocked from Loading Unsigned DLL (0b0ea3cc-99c8-4730-9c53-45deee2a4c86)

Detects the Code Integrity (CI) engine blocking Microsoft Defender's processes (MpCmdRun and NisSrv) from loading unsigned DLLs, which may indicate an attempt to sideload an arbitrary DLL.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| DLL Side-Loading - T1574.002 (e64c62cf-9cd7-4a14-94ec-cdaac43ab44b) | Attack Pattern | Microsoft Defender Blocked from Loading Unsigned DLL (0b0ea3cc-99c8-4730-9c53-45deee2a4c86) | Sigma-Rules | 1 |
| DLL Side-Loading - T1574.002 (e64c62cf-9cd7-4a14-94ec-cdaac43ab44b) | Attack Pattern | Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) | Attack Pattern | 2 |