Unsigned Binary Loaded From Suspicious Location (8289bf8c-4aca-4f5a-9db3-dc3d7afe5c10)

Detects Code Integrity (CI) engine blocking processes from loading unsigned DLLs residing in suspicious locations

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Unsigned Binary Loaded From Suspicious Location (8289bf8c-4aca-4f5a-9db3-dc3d7afe5c10) | Sigma-Rules | DLL Side-Loading - T1574.002 (e64c62cf-9cd7-4a14-94ec-cdaac43ab44b) | Attack Pattern | 1 |
| DLL Side-Loading - T1574.002 (e64c62cf-9cd7-4a14-94ec-cdaac43ab44b) | Attack Pattern | Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) | Attack Pattern | 2 |