OpenProcess

Read documentation

Through official Microsoft Developer Network (MSDN).

Featured in Techniques

Technique Name	Technique ID's	Snippet(s)	Rules(s)	OS
CsrGetProcessID	U0115
IsDebugged Flag	U0113 B0001.019
NtGlobalFlag	U0111 B0001.036
Detecting Window with FindWindow API	U0406 U0123
Detecting Running Process: EnumProcess API	U0109 U0405 U1306
DLL Injection via CreateRemoteThread and LoadLibrary	U1226 E1055.001
APC injection	U1221 E1055.004
Atom Bombing	U1220
Extra Window Memory Injection	U1219 E1055.011
PE Injection	U1216 E1055.002
Kill Process	U0403
ConsoleWindowClass	U1209
Treepoline	U1208
Listplanting	U1207
OLEUM	U1206
EditWordBreakProc	U1229
WordWarping	U1204
CLIPBRDWNDCLASS	U1203
DNS API Injection	U1202
Breaking BaDDEr	U1201
Detecting Online Sandbox	U1338
Killing Windows Event Log	U0304
Access Token Manipulation: Parent PID Spoofing	U1234 T1134.004
ProcEnvInjection - Remote code injection by abusing process environment strings	U1235
Dirty Vanity	U1242

Sample Name	Matching Techniques	First Seen	Last Seen
DP_Simple_Player.exe	5	2025-05-13	3 hours, 39 minutes ago
hmpalert.exe	8	2025-04-20	2 weeks ago
firefox.exe	3	2025-04-26	2 weeks, 3 days ago
TCS30Autoplay_Net.exe	6	2025-04-25	2 weeks, 4 days ago
DarkComet Remover 2 Portable.exe	4	2025-04-19	3 weeks, 2 days ago
NLiveConnectorSetup.exe	4	2025-04-05	1 month, 1 week ago
noui.exe	8	2025-02-20	2 months, 3 weeks ago
hmpalert pre-patched.exe	7	2025-02-12	3 months ago
WNetWatcher.exe	4	2025-02-06	3 months, 1 week ago
msimg32.dll	2	2025-01-14	3 months, 4 weeks ago