ResumeThread
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Categories | Snippet(s) | Rules(s) |
|---|---|---|---|---|
| NtSetInformationThread | U0119 B0001.014 |
|
||
| Process Hollowing, RunPE | U1225 E1055.012 |
|
||
| APC injection | U1221 E1055.004 |
|
||
| Atom Bombing | U1220 |
|
||
| Detecting Online Sandbox | U1338 |
|
||
| Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 |
|
||
| ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 |
|
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| presenter_lib.dll | 5 | 2025-08-16 | 1 week, 5 days ago |
| superman.exe | 6 | 2026-04-20 | 1 month, 1 week ago |
| agent.exe | 7 | 2026-04-01 | 2 months ago |
| rlm1611_http.dll | 6 | 2025-11-22 | 2 months, 1 week ago |
| hello.exe | 6 | 2026-03-18 | 2 months, 2 weeks ago |
| greeze_dupe.exe | 1 | 2026-03-08 | 2 months, 3 weeks ago |
| passper-for-rar_setup-com_passper.exe | 8 | 2026-02-18 | 3 months, 2 weeks ago |
| ProtonVPN.Launcher.exe | 6 | 2026-02-18 | 3 months, 2 weeks ago |
| patcher - ORIGINAL.dll | 5 | 2026-02-10 | 3 months, 3 weeks ago |
| main.exe | 11 | 2026-02-07 | 3 months, 3 weeks ago |