Potential StarRailBase.dll Sideloading

Rule Info

Name
Potential StarRailBase.dll Sideloading
Author
MalGamy
Description
Detects potential DLL sideloading of "StarRailBase.dll", which is part of the Honkai game.
Reference
https://any.run/cybersecurity-blog/kransom-abuses-rpg
Date
2024-09-23 00:00:00
Modified
None
Id
e58ddd2a-11b7-4d66-8e38-0be705105cb0
Tags
attack.privilege-escalation attack.t1574.001 attack.t1574.002
Type
Nextron Sigma feed only (private)

Rule History

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022