PUA - Kernel Driver Utility (KDU) Execution (e76ca062-4de0-4d79-8d90-160a0d335eca)
Detects execution of the Kernel Driver Utility (KDU) tool. KDU can be used to bypass driver signature enforcement and load unsigned or malicious drivers into the Windows kernel, potentially allowing for privilege escalation, persistence, or evasion of security controls.