OpenProcess

Medium Caution Level
25 Techniques Count
Kernel32.dll Library Name
Read documentation

Through official Microsoft Developer Network (MSDN).

Featured in Techniques

Technique Name Technique ID's Snippet(s) Rules(s) OS
CsrGetProcessID U0115
IsDebugged Flag U0113 B0001.019
NtGlobalFlag U0111 B0001.036
Detecting Window with FindWindow API U0406 U0123
Detecting Running Process: EnumProcess API U0109 U0405 U1306
DLL Injection via CreateRemoteThread and LoadLibrary U1226 E1055.001
APC injection U1221 E1055.004
Atom Bombing U1220
Extra Window Memory Injection U1219 E1055.011
PE Injection U1216 E1055.002
Kill Process U0403
ConsoleWindowClass U1209
Treepoline U1208
Listplanting U1207
OLEUM U1206
EditWordBreakProc U1229
WordWarping U1204
CLIPBRDWNDCLASS U1203
DNS API Injection U1202
Breaking BaDDEr U1201
Detecting Online Sandbox U1338
Killing Windows Event Log U0304
Access Token Manipulation: Parent PID Spoofing U1234 T1134.004
ProcEnvInjection - Remote code injection by abusing process environment strings U1235
Dirty Vanity U1242

Matching Samples 10 most recent

Sample Name Matching Techniques First Seen Last Seen
WNetWatcher.exe 4 2025-02-06 4 days, 7 hours ago
msimg32.dll 2 2025-01-14 3 weeks, 5 days ago
ZClient.exe 12 2025-01-13 4 weeks ago
satan_ransomware.exe 10 2024-11-30 2 months, 1 week ago
EDR Silencer 1.4.exe 8 2024-11-29 2 months, 1 week ago
credwiz.exe 6 2024-11-25 2 months, 2 weeks ago
ejecutablehex01~Rip_dump_SCY.exe.hex 5 2024-11-24 2 months, 2 weeks ago
procexp.exe 6 2024-11-21 2 months, 2 weeks ago
cfcb85ddfe25f093feb249d4004d...064da7e9ed119971859c61817f1f 7 2024-11-19 2 months, 3 weeks ago
57e0cadabe82b0c02a5d4606b0a3...6672d88e5a1ea4651969392c290b 12 2024-11-19 2 months, 3 weeks ago
View All