Active Directory Kerberos DLL Loaded Via Office Application (7417e29e-c2e7-4cf6-a2e8-767228c64837)

Detects Kerberos DLL being loaded by an Office Product

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Malicious File - T1204.002 (232b7f21-adf9-4b42-b936-b9d6f7df856e)	Attack Pattern	Active Directory Kerberos DLL Loaded Via Office Application (7417e29e-c2e7-4cf6-a2e8-767228c64837)	Sigma-Rules	1
User Execution - T1204 (8c32eb4d-805f-4fc5-bf60-c4d476c131b5)	Attack Pattern	Malicious File - T1204.002 (232b7f21-adf9-4b42-b936-b9d6f7df856e)	Attack Pattern	2