<<< Hide Navigation Hide TOC >>>
DLL Loaded via CertOC.EXE (242301bc-f92f-4476-8718-78004a6efd9f)
Detects when a user installs certificates by using CertOC.exe to loads the target DLL file.
Cluster A![]() |
Galaxy A![]() |
Cluster B![]() |
Galaxy B![]() |
Level![]() |
---|---|---|---|---|
DLL Loaded via CertOC.EXE (242301bc-f92f-4476-8718-78004a6efd9f) | Sigma-Rules | System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) | Attack Pattern | 1 |