ResumeThread
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
Technique Name | Technique ID's | Has Snippet(s) | Has Rules(s) |
---|---|---|---|
APC injection | U1221 E1055.004 | ||
Process Hollowing, RunPE | U1225 E1055.012 | ||
NtSetInformationThread | U0119 B0001.014 | ||
Detecting Online Sandbox | U1338 | ||
ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 | ||
Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 | ||
Atom Bombing | U1220 |