Rule Info
Name
Potential Raspberry Robin Aclui Dll SideLoading
Author
Swachchhanda Shrawan Poudel
Description
Detects potential sideloading of malicious "aclui.dll" by OleView. This behavior was observed in Raspberry-Robin variants reported by Check Point Research in February 2024.
Reference
Date
2024-07-31 00:00:00
Modified
None
Id
0f3a9db2-c17a-480e-a723-d1f1c547ab6a
Tags
detection.emerging-threats attack.defense-evasion attack.privilege-escalation attack.t1574.001 attack.t1574.002 DEMO
Type
Community Rule
Link to Public Repo