Potential WWlib.DLL Sideloading

Rule Info

Tags
attack.defense_evasion attack.t1574.001 DEMO attack.privilege_escalation attack.t1574.002
Name
Potential WWlib.DLL Sideloading
Id
e2e01011-5910-4267-9c3b-4149ed5479cf
Date
2023-05-18 00:00:00
Modified
None
Description
Detects potential DLL sideloading of "wwlib.dll"
Author
X__Junior (Nextron Systems)
Type
Community Rule

Rule History

Title
Author
Commit
Date
chore: update metadata and filter
Nasreddine Bencherchali
2023-05-18
Create image_load_side_load_wwlib.yml
Mohamed Ashraf (X__Junior)
2023-05-18