DLL Sideloading by VMware Xfer Utility (ebea773c-a8f1-42ad-a856-00cb221966e8)

Detects execution of VMware Xfer utility (VMwareXferlogs.exe) from the non-default directory which may be an attempt to sideload arbitrary DLL

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
DLL Sideloading by VMware Xfer Utility (ebea773c-a8f1-42ad-a856-00cb221966e8)	Sigma-Rules	DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34)	Attack Pattern	1
Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6)	Attack Pattern	DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34)	Attack Pattern	2