Process32Next
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
---|---|---|---|---|
Parent Process Detection | U0404 | |||
SuspendThread | U0101 C0055 | |||
APC injection | U1221 E1055.004 | |||
Atom Bombing | U1220 | |||
Kill Process | U0403 | |||
Detecting Online Sandbox | U1338 | |||
Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 |
Matching Samples 10 most recent
Sample Name | Matching Techniques | First Seen | Last Seen |
---|---|---|---|
EDR Silencer 1.4.exe | 8 | 2024-11-29 | 5 days, 13 hours ago |
implant.exe | 6 | 2024-11-18 | 2 weeks, 2 days ago |
EDRSilencer.exe | 9 | 2024-11-14 | 2 weeks, 6 days ago |
Pafish 0.6.exe | 10 | 2024-11-13 | 3 weeks ago |