OpenProcess

Read documentation

Through official Microsoft Developer Network (MSDN).

Featured in Techniques

Technique Name	Technique ID's	Snippet(s)	Rules(s)	OS
CsrGetProcessID	U0115
IsDebugged Flag	U0113 B0001.019
NtGlobalFlag	U0111 B0001.036
Detecting Window with FindWindow API	U0406 U0123
Detecting Running Process: EnumProcess API	U0109 U0405 U1306
DLL Injection via CreateRemoteThread and LoadLibrary	U1226 E1055.001
APC injection	U1221 E1055.004
Atom Bombing	U1220
Extra Window Memory Injection	U1219 E1055.011
PE Injection	U1216 E1055.002
Kill Process	U0403
ConsoleWindowClass	U1209
Treepoline	U1208
Listplanting	U1207
OLEUM	U1206
EditWordBreakProc	U1229
WordWarping	U1204
CLIPBRDWNDCLASS	U1203
DNS API Injection	U1202
Breaking BaDDEr	U1201
Detecting Online Sandbox	U1338
Killing Windows Event Log	U0304
Access Token Manipulation: Parent PID Spoofing	U1234 T1134.004
ProcEnvInjection - Remote code injection by abusing process environment strings	U1235
Dirty Vanity	U1242

Sample Name	Matching Techniques	First Seen	Last Seen
tel.exe	13	2025-06-01	4 weeks, 1 day ago
5.exe	9	2025-05-30	1 month ago
q.apk.exe	8	2025-05-30	1 month ago
cobalt_sample.exe	13	2025-05-25	1 month ago
DP_Simple_Player.exe	5	2025-05-13	1 month, 2 weeks ago
hmpalert.exe	8	2025-04-20	2 months ago
firefox.exe	3	2025-04-26	2 months ago
TCS30Autoplay_Net.exe	6	2025-04-25	2 months ago
DarkComet Remover 2 Portable.exe	4	2025-04-19	2 months, 1 week ago
NLiveConnectorSetup.exe	4	2025-04-05	2 months, 3 weeks ago