VBA DLL Loaded Via Office Application (e6ce8457-68b1-485b-9bdd-3c2b5d679aa9)

Detects VB DLL's loaded by an office application. Which could indicate the presence of VBA Macros.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
VBA DLL Loaded Via Office Application (e6ce8457-68b1-485b-9bdd-3c2b5d679aa9)	Sigma-Rules	Malicious File - T1204.002 (232b7f21-adf9-4b42-b936-b9d6f7df856e)	Attack Pattern	1
User Execution - T1204 (8c32eb4d-805f-4fc5-bf60-c4d476c131b5)	Attack Pattern	Malicious File - T1204.002 (232b7f21-adf9-4b42-b936-b9d6f7df856e)	Attack Pattern	2