Skip to content

Hide Navigation Hide TOC

Potential DLL Sideloading Via VMware Xfer (9313dc13-d04c-46d8-af4a-a930cc55d93b)

Detects loading of a DLL by the VMware Xfer utility from the non-default directory which may be an attempt to sideload arbitrary DLL

Cluster A Galaxy A Cluster B Galaxy B Level
Potential DLL Sideloading Via VMware Xfer (9313dc13-d04c-46d8-af4a-a930cc55d93b) Sigma-Rules DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) Attack Pattern 1
Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) Attack Pattern DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) Attack Pattern 2