Parent process is a technique used by malware to evade detection by security analysts. The parent process of a given process is the process that spawned it.

For example, most user processes on a Windows system have explorer.exe as their parent process. By checking the parent process of a given process, malware can determine whether it is being monitored by …