Potential Python DLL SideLoading

Rule Info

Name
Potential Python DLL SideLoading
Author
Swachchhanda Shrawan Poudel
Description
Detects potential DLL sideloading of Python DLL files.
Reference
https://www.securonix.com/blog/seolurker-attack-campaign-uses-seo-poisoning-fake-google-ads-to-install-malware/
Date
2024-10-06 00:00:00
Modified
None
Id
d36f7c12-14a3-4d48-b6b8-774b9c66f44d
Tags
attack.defense-evasion attack.t1574.002
Type
Community Rule
Link to Public Repo
https://github.com/SigmaHQ/sigma/search?q=d36f7c12-14a3-4d48-b6b8-774b9c66f44d

Rule History

Author
Title
Date
Commit
Swachchhanda Shrawan Poudel
Merge PR #5031 from @swachchhanda000 - Add `Potential Python DLL SideLoading`
2024-10-07
d1f1fc716
THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022