Skip to content

Hide Navigation Hide TOC

CodeIntegrity - Blocked Image/Driver Load For Policy Violation (e4be5675-4a53-426a-8c81-a8bb2387e947)

Detects blocked load events that did not meet the authenticode signing level requirements or violated the code integrity policy.

Cluster A Galaxy A Cluster B Galaxy B Level
Create or Modify System Process - T1543 (106c0cf6-bf73-4601-9aa8-0945c2715ec5) Attack Pattern CodeIntegrity - Blocked Image/Driver Load For Policy Violation (e4be5675-4a53-426a-8c81-a8bb2387e947) Sigma-Rules 1