| API Name | Library | Associated With Feature(s) | Associated With Technique(s) |
|---|---|---|---|
| RegOpenKeyEx | Advapi32.dll |
|
|
| RegGetValue | Advapi32.dll |
|
|
| RegQueryInfoKey | Advapi32.dll |
|
|
| RegEnumKeyEx | Advapi32.dll |
|
|
| RegEnumValue | Advapi32.dll |
|
|
| RegCloseKey | Advapi32.dll |
|
|
| GetUserName | Advapi32.dll |
|
|
| LookupAccountName | Advapi32.dll |
|
|
| OpenProcessToken | Advapi32.dll |
|
|
| GetTokenInformation | Advapi32.dll |
|
|
| OpenSCManager | Advapi32.dll |
|
|
| EnumServicesStatus | Advapi32.dll |
|
|
| CloseServiceHandle | Advapi32.dll |
|
|
| ConvertSecurityDescriptorToStringSecurityDescriptor | Advapi32.dll |
|
|
| MapGenericMask | Advapi32.dll | ||
| AccessCheck | Advapi32.dll | ||
| RegGetKeySecurity | Advapi32.dll |
|
|
| ImpersonateSelf | Advapi32.dll |
|
|
| OpenThreadToken | Advapi32.dll |
|
|
| RevertToSelf | Advapi32.dll |
|
|
| RegCreateKey | Advapi32.dll |
|
|
| RegDeleteTree | Advapi32.dll |
|
|
| RegSetValueEx | Advapi32.dll |
|
|
| RegRenameKey | Advapi32.dll |
|
|
| RegDeleteValue | Advapi32.dll |
|
|
| MiniDumpWriteDump | Dbghelp.dll |
|
|
| BitBlt | Gdi32.dll |
|
|
| CreateToolhelp32Snapshot | Kernel32.dll |
|
|
| Process32First | Kernel32.dll |
|
|
| Process32Next | Kernel32.dll |
|
|
| DeviceIoControl | Kernel32.dll |
|
|
| GetComputerName | Kernel32.dll |
|
|
| QueryFullProcessImageName | Kernel32.dll |
|
|
| OpenProcess | Kernel32.dll |
|
|
| GetTickCount64 | Kernel32.dll |
|
|
| TerminateProcess | Kernel32.dll |
|
|
| GlobalAlloc | Kernel32.dll |
|
|
| GlobalUnlock | Kernel32.dll |
|
|
| GlobalFree | Kernel32.dll |
|
|
| GlobalLock | Kernel32.dll |
|
|
| WinExec | Kernel32.dll |
|
|
| CreateProcess | Kernel32.dll |
|
|
| GetLastError | Kernel32.dll | ||
| FindFirstFile | Kernel32.dll |
|
|
| FindNextFile | Kernel32.dll |
|
|
| FindClose | Kernel32.dll |
|
|
| Module32First | Kernel32.dll |
|
|
| Module32Next | Kernel32.dll |
|
|
| ReadProcessMemory | Kernel32.dll |
|
|
| VirtualQueryEx | Kernel32.dll |
|
|