DLL Sideloading by VMware Xfer Utility (ebea773c-a8f1-42ad-a856-00cb221966e8)

Detects execution of the VMware Xfer utility (VMwareXferlogs.exe) from a non-default directory, which may be an attempt to sideload an arbitrary DLL.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| DLL Sideloading by VMware Xfer Utility (ebea773c-a8f1-42ad-a856-00cb221966e8) | Sigma-Rules | DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) | Attack Pattern | 1 |
| Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) | Attack Pattern | DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) | Attack Pattern | 2 |