Product
high
threat
Rundll32 Execution with Log.DLL
2 rules 1 TTPDetects the execution of rundll32 with 'log.dll' as a command-line argument, indicative of Lotus Blossom Chrysalis backdoor activity and DLL sideloading attempts.
Windows +1
Lotus Blossom
rundll32
dll-sideloading
lotus-blossom
chrysalis-backdoor
2r
1t
high
threat
Bitdefender Submission Wizard DLL Sideloading
2 rules 2 TTPsDetection of potential DLL side-loading of Bitdefender Submission Wizard (BDSubmit.exe, bdsw.exe, or renamed BluetoothService.exe) via loading a malicious log.dll from a non-standard path.
Bitdefender Submission Wizard
Lotus Blossom
dll-sideloading
persistence
privilege-escalation
lotus-blossom
sysmon
2r
2t