GetProcAddress

Featured in Techniques

Technique Name	Technique ID's	Categories	Snippet(s)	Rules(s)
NtSetInformationThread	U0119 B0001.014
NtQueryObject	U0118 B0001.013
CsrGetProcessID	U0115
IsDebugged Flag	U0113 B0001.019
NtGlobalFlag	U0111 B0001.036
API Obfuscation	U0217 B0032.001
DLL Injection via CreateRemoteThread and LoadLibrary	U1226 E1055.001
NtSetDebugFilterState	U0103
Reflective DLL injection	U1224
Atom Bombing	U1220
Extra Window Memory Injection	U1219 E1055.011
Injection using Shims	U1218 E1055.m03
Inline Hooking	U1211 F0015.002
Kill Process	U0403
NTFS Files Attributes	U0501
Indicator Removal: Timestomp	U0303 T1070.006
File Melt	U1007
Detecting Online Sandbox	U1338
Killing Windows Event Log	U0304
Disabling Event Tracing for Windows (ETW)	U0306
ProcEnvInjection - Remote code injection by abusing process environment strings	U1235
Thwarting Stack-Frame Analysis	U0219
Unloading Sysmon Driver	U0407
Tamper DLL Export Names & GetProcAddress Spoofing	U1241
Dirty Vanity	U1242

Sample Name	Matching Techniques	First Seen	Last Seen
AutoNest.exe	2	2026-04-20	17 hours, 11 minutes ago
superman.exe	6	2026-04-20	22 hours, 8 minutes ago
USBWatcher.exe	7	2026-04-18	3 days, 5 hours ago
CVE-2026-20817_PoC.exe	8	2026-04-09	1 week, 5 days ago
Raid.exe	7	2026-04-08	1 week, 5 days ago
b2a17fbdf536bd79dba9eb5e4ea3...0fdd7eb07ca6c5bdf73de001.exe	11	2026-04-07	1 week, 6 days ago
agent.exe	7	2026-04-01	2 weeks, 5 days ago
FilterKeysSetter.exe	5	2026-03-28	3 weeks, 3 days ago
sentinel - roblox.exe	1	2026-03-26	3 weeks, 4 days ago
spread.exe	6	2026-03-24	3 weeks, 6 days ago