OpenProcess

Read documentation

Through official Microsoft Developer Network (MSDN).

Featured in Techniques

Technique Name	Technique ID's	Categories	Snippet(s)	Rules(s)
CsrGetProcessID	U0115
IsDebugged Flag	U0113 B0001.019
NtGlobalFlag	U0111 B0001.036
Detecting Window with FindWindow API	U0406 U0123
Detecting Running Process: EnumProcess API	U0109 U0405 U1306
DLL Injection via CreateRemoteThread and LoadLibrary	U1226 E1055.001
APC injection	U1221 E1055.004
Atom Bombing	U1220
Extra Window Memory Injection	U1219 E1055.011
PE Injection	U1216 E1055.002
Kill Process	U0403
ConsoleWindowClass	U1209
Treepoline	U1208
Listplanting	U1207
OLEUM	U1206
EditWordBreakProc	U1229
WordWarping	U1204
CLIPBRDWNDCLASS	U1203
DNS API Injection	U1202
Breaking BaDDEr	U1201
Detecting Online Sandbox	U1338
Killing Windows Event Log	U0304
Access Token Manipulation: Parent PID Spoofing	U1234 T1134.004
ProcEnvInjection - Remote code injection by abusing process environment strings	U1235
Dirty Vanity	U1242

Sample Name	Matching Techniques	First Seen	Last Seen
CVE-2026-20817_PoC.exe	8	2026-04-09	6 days, 15 hours ago
b2a17fbdf536bd79dba9eb5e4ea3...0fdd7eb07ca6c5bdf73de001.exe	11	2026-04-07	1 week, 1 day ago
passper-for-rar_setup-com_passper.exe	8	2026-02-18	1 month, 4 weeks ago
main.exe	11	2026-02-07	2 months, 1 week ago
x64_AcroCEF.exe	5	2026-01-30	2 months, 2 weeks ago
x64_Acrobat.exe	9	2026-01-30	2 months, 2 weeks ago
x64_Acrobat.exe	9	2026-01-30	2 months, 2 weeks ago
MBSetup (3).exe	6	2025-10-18	3 months, 3 weeks ago
setup.exe	11	2025-12-09	4 months ago
ekrn.exe	5	2025-11-19	4 months, 3 weeks ago