
Rule Info
Name: Potential ArphaDump64.DLL Sideloading
Author: MalGamy (Nextron System)
Description: Detects potential DLL sideloading of "arphaDump.dll", a technique where attackers place a malicious DLL alongside a legitimate vulnerable application to evade detection, gain persistence, and execute malicious code.
Date: 2025-03-24 00:00:00
Modified: None
Id: 9803ed55-1410-4b61-a370-17f5e8ef7639
Tags: attack.defense-evasion attack.privilege-escalation attack.t1574.001 attack.t1574.002
Type: Nextron Sigma feed only (private)