GetProcAddress

Featured in Techniques

Technique Name	Technique ID's	Categories	Snippet(s)	Rules(s)
NtSetInformationThread	U0119 B0001.014
NtQueryObject	U0118 B0001.013
CsrGetProcessID	U0115
IsDebugged Flag	U0113 B0001.019
NtGlobalFlag	U0111 B0001.036
API Obfuscation	U0217 B0032.001
DLL Injection via CreateRemoteThread and LoadLibrary	U1226 E1055.001
NtSetDebugFilterState	U0103
Reflective DLL injection	U1224
Atom Bombing	U1220
Extra Window Memory Injection	U1219 E1055.011
Injection using Shims	U1218 E1055.m03
Inline Hooking	U1211 F0015.002
Kill Process	U0403
NTFS Files Attributes	U0501
Indicator Removal: Timestomp	U0303 T1070.006
File Melt	U1007
Detecting Online Sandbox	U1338
Killing Windows Event Log	U0304
Disabling Event Tracing for Windows (ETW)	U0306
ProcEnvInjection - Remote code injection by abusing process environment strings	U1235
Thwarting Stack-Frame Analysis	U0219
Unloading Sysmon Driver	U0407
Tamper DLL Export Names & GetProcAddress Spoofing	U1241
Dirty Vanity	U1242

Sample Name	Matching Techniques	First Seen	Last Seen
Analist Pro V5.exe	5	2026-05-02	1 week ago
cdtag.exe	2	2026-04-29	1 week, 4 days ago
moduledll.dll	6	2026-04-24	2 weeks, 2 days ago
merged.exe	6	2026-04-24	2 weeks, 2 days ago
AutoNest.exe	2	2026-04-20	2 weeks, 5 days ago
superman.exe	6	2026-04-20	2 weeks, 6 days ago
USBWatcher.exe	7	2026-04-18	3 weeks, 1 day ago
CVE-2026-20817_PoC.exe	8	2026-04-09	1 month ago
Raid.exe	7	2026-04-08	1 month ago
b2a17fbdf536bd79dba9eb5e4ea3...0fdd7eb07ca6c5bdf73de001.exe	11	2026-04-07	1 month ago