VMMap Signed Dbghelp.DLL Potential Sideloading
Sep 7, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

VMMap Unsigned Dbghelp.DLL Potential Sideloading
Sep 7, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Unsigned Mfdetours.DLL Sideloading
Aug 18, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

WMI Module Loaded By Non Uncommon Process
Aug 8, 2023
attack.execution
attack.t1047

Potential Mpclient.DLL Sideloading
Aug 7, 2023
attack.defense_evasion
attack.t1574.002

Potential AVKkid.DLL Sideloading
Aug 3, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential EACore.DLL Sideloading
Aug 3, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential Mfdetours.DLL Sideloading
Aug 3, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential Vivaldi_elf.DLL Sideloading
Aug 3, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

CredUI.DLL Loaded By Uncommon Process
Jul 31, 2023
attack.credential_access
attack.collection
attack.t1056.002

Abusable DLL Potential Sideloading From Suspicious Location
Jul 24, 2023
attack.execution
attack.t1059

Potential CCleanerDU.DLL Sideloading
Jul 24, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential CCleanerReactivator.DLL Sideloading
Jul 20, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential appverifUI.DLL Sideloading
Jul 13, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential ShellDispatch.DLL Sideloading
Jul 13, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Possible Process Hollowing Image Loading
Jun 26, 2023
attack.defense_evasion
attack.t1574.002

WMIC Loading Scripting Libraries
Jun 26, 2023
attack.defense_evasion
attack.t1220

Potential Waveedit.DLL Sideloading
Jun 15, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Unsigned Module Loaded by ClickOnce Application
Jun 12, 2023
attack.persistence
attack.t1574.002

Potential Edputil.DLL Sideloading
Jun 11, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential 7za.DLL Sideloading
Jun 11, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential RjvPlatform.DLL Sideloading From Default Location
Jun 11, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential RjvPlatform.DLL Sideloading From Non-Default Location
Jun 11, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential SmadHook.DLL Sideloading
Jun 2, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Amsi.DLL Load By Uncommon Process
Jun 1, 2023
attack.defense_evasion
attack.impact
attack.t1490

Amsi.DLL Loaded Via LOLBIN Process
Jun 1, 2023
attack.defense_evasion

PCRE.NET Package Image Load
Jun 1, 2023
attack.execution
attack.t1059

Potential Azure Browser SSO Abuse
Jun 1, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.002

Potential DCOM InternetExplorer.Application DLL Hijack - Image Load
Jun 1, 2023
attack.lateral_movement
attack.t1021.002
attack.t1021.003

PowerShell Core DLL Loaded By Non PowerShell Process
Jun 1, 2023
attack.t1059.001
attack.execution

PowerShell Core DLL Loaded Via Office Application
Jun 1, 2023
attack.defense_evasion

Suspicious Volume Shadow Copy VSS_PS.dll Load
May 23, 2023
attack.defense_evasion
attack.impact
attack.t1490

Potential Goopdate.DLL Sideloading
May 20, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential WWlib.DLL Sideloading
May 18, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential System DLL Sideloading From Non System Locations
May 16, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential RoboForm.DLL Sideloading
May 15, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Microsoft Excel Add-In Loaded From Uncommon Location
May 15, 2023
attack.execution
attack.t1204.002

Potential Chrome Frame Helper DLL Sideloading
May 15, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential Wazuh Security Platform DLL Sideloading
May 15, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential DLL Sideloading Of Libcurl.DLL Via GUP.EXE
May 9, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential SolidPDFCreator.DLL Sideloading
May 8, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential DLL Sideloading Of DBGCORE.DLL
May 5, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential DLL Sideloading Of DBGHELP.DLL
May 5, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Suspicious Volume Shadow Copy Vssapi.dll Load
May 3, 2023
attack.defense_evasion
attack.impact
attack.t1490

Potential Libvlc.DLL Sideloading
Apr 17, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential Iviewers.DLL Sideloading
Apr 12, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential Rcdll.DLL Sideloading
Apr 12, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Active Directory Kerberos DLL Loaded Via Office Application
Apr 3, 2023
attack.execution
attack.t1204.002

Active Directory Parsing DLL Loaded Via Office Application
Apr 3, 2023
attack.execution
attack.t1204.002

CLR DLL Loaded Via Office Applications
Apr 3, 2023
attack.execution
attack.t1204.002

DLL Load By System Process From Suspicious Locations
Apr 3, 2023
attack.defense_evasion
attack.t1070

DotNET Assembly DLL Loaded Via Office Application
Apr 3, 2023
attack.execution
attack.t1204.002

Suspicious Volume Shadow Copy Vsstrace.dll Load
Mar 28, 2023
attack.defense_evasion
attack.impact
attack.t1490

Aruba Network Service Potential DLL Sideloading
Mar 15, 2023
attack.privilege_escalation
attack.persistence
attack.t1574.001
attack.t1574.002

Microsoft Office DLL Sideload
Mar 15, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential DLL Sideloading Using Coregen.exe
Mar 15, 2023
attack.defense_evasion
attack.t1218
attack.t1055

Potential Antivirus Software DLL Sideloading
Mar 13, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Load Of Dbghelp/Dbgcore DLL From Suspicious Process
Mar 9, 2023
attack.credential_access
attack.t1003.001

DotNet CLR DLL Loaded By Scripting Applications
Feb 23, 2023
attack.execution
attack.privilege_escalation
attack.t1055

System Drawing DLL Load
Feb 23, 2023
attack.collection
attack.t1113

WMI ActiveScriptEventConsumers Activity Via Scrcons.EXE DLL Load
Feb 23, 2023
attack.lateral_movement
attack.privilege_escalation
attack.persistence
attack.t1546.003

Diagnostic Library Sdiageng.DLL Loaded By Msdt.EXE
Feb 20, 2023
attack.defense_evasion
attack.t1202
cve.2022.30190

HackTool - SharpEvtMute DLL Load
Feb 20, 2023
attack.defense_evasion
attack.t1562.002

DLL Loaded From Suspicious Location Via Cmspt.EXE
Feb 17, 2023
attack.defense_evasion
attack.t1218.003

HackTool - SILENTTRINITY Stager DLL Load
Feb 17, 2023
attack.command_and_control
attack.t1071

Potential DLL Sideloading Via VMware Xfer
Feb 17, 2023
attack.defense_evasion
attack.t1574.002

Suspicious Renamed Comsvcs DLL Loaded By Rundll32
Feb 17, 2023
attack.credential_access
attack.defense_evasion
attack.t1003.001

Suspicious Unsigned Dbghelp/Dbgcore DLL Loaded
Feb 17, 2023
attack.credential_access
attack.t1003.001

Potential DLL Sideloading Of Non-Existent DLLs From System Folders
Feb 14, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Svchost DLL Search Order Hijack
Feb 14, 2023
attack.persistence
attack.defense_evasion
attack.t1574.002
attack.t1574.001

GAC DLL Loaded Via Office Applications
Feb 9, 2023
attack.execution
attack.t1204.002

Microsoft VBA For Outlook Addin Loaded Via Outlook
Feb 9, 2023
attack.execution
attack.t1204.002

VBA DLL Loaded Via Office Application
Feb 9, 2023
attack.execution
attack.t1204.002

Fax Service DLL Search Order Hijack
Feb 8, 2023
attack.persistence
attack.defense_evasion
attack.t1574.001
attack.t1574.002

Wmiprvse Wbemcomn DLL Hijack
Feb 7, 2023
attack.execution
attack.t1047
attack.lateral_movement
attack.t1021.002

VMGuestLib DLL Sideload
Feb 6, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

DLL Sideloading Of ShellChromeAPI.DLL
Feb 5, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential DLL Sideloading Via comctl32.dll
Feb 1, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Third Party Software DLL Sideloading
Feb 1, 2023
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

UAC Bypass Using Iscsicpl - ImageLoad
Feb 1, 2023
attack.defense_evasion
attack.privilege_escalation
attack.t1548.002

UAC Bypass With Fake DLL
Dec 27, 2022
attack.persistence
attack.defense_evasion
attack.privilege_escalation
attack.t1548.002
attack.t1574.002

Potential DLL Sideloading Via JsSchHlp
Dec 14, 2022
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Potential DLL Sideloading Via ClassicExplorer32.dll
Dec 13, 2022
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002

Python Py2Exe Image Load
Dec 8, 2022
attack.defense_evasion
attack.t1027.002

Time Travel Debugging Utility Usage - Image
Dec 2, 2022
attack.defense_evasion
attack.credential_access
attack.t1218
attack.t1003.001

Suspicious WSMAN Provider Image Loads
Oct 26, 2022
attack.execution
attack.t1059.001
attack.lateral_movement
attack.t1021.003

Unsigned Image Loaded Into LSASS Process
Oct 26, 2022
attack.credential_access
attack.t1003.001

Windows Spooler Service Suspicious Binary Load
Oct 26, 2022
attack.persistence
attack.defense_evasion
attack.privilege_escalation
attack.t1574
cve.2021.1675
cve.2021.34527

WMI Persistence - Command Line Event Consumer
Oct 26, 2022
attack.t1546.003
attack.persistence