Potential DLL Sideloading Via VMware Xfer (9313dc13-d04c-46d8-af4a-a930cc55d93b)

Detects loading of a DLL by the VMware Xfer utility from the non-default directory which may be an attempt to sideload arbitrary DLL

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
DLL Side-Loading - T1574.002 (e64c62cf-9cd7-4a14-94ec-cdaac43ab44b)	Attack Pattern	Potential DLL Sideloading Via VMware Xfer (9313dc13-d04c-46d8-af4a-a930cc55d93b)	Sigma-Rules	1
DLL Side-Loading - T1574.002 (e64c62cf-9cd7-4a14-94ec-cdaac43ab44b)	Attack Pattern	Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6)	Attack Pattern	2