Malware
SADBRIDGE
According to Elastic, SADBRIDGE is a malware loader that is packaged as an MSI executable for delivery and uses DLL side-loading with various injection techniques to execute malicious payloads. SADBRIDGE abuses legitimate applications such as x64dbg.exe and MonitoringHost.exe to load malicious DLLs like x64bridge.dll and HealthServiceRuntime.dll, which leads to subsequent stages and shellcode.
Family metadata imported from Malpedia (Fraunhofer FKIE).