https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/darkgate/file_event_win_malware_darkgate_autoit3_save_temp/
DarkGate - Drop DarkGate Loader In C:\Temp Directory | Detection.FYI
Detects attackers attempting to save, decrypt and execute the DarkGate Loader in C:\temp folder.
drop loaderin ctemp