| API Name | Library | Associated With Feature(s) | Associated With Technique(s) |
|---|---|---|---|
| RegOpenKeyEx | Advapi32.dll | | |
| RegGetValue | Advapi32.dll | | |
| RegQueryInfoKey | Advapi32.dll | | |
| RegEnumKeyEx | Advapi32.dll | | |
| RegEnumValue | Advapi32.dll | | |
| RegCloseKey | Advapi32.dll | | |
| GetUserName | Advapi32.dll | | |
| LookupAccountName | Advapi32.dll | | |
| OpenProcessToken | Advapi32.dll | | |
| GetTokenInformation | Advapi32.dll | | |
| OpenSCManager | Advapi32.dll | | |
| EnumServicesStatus | Advapi32.dll | | |
| CloseServiceHandle | Advapi32.dll | | |
| MiniDumpWriteDump | Dbghelp.dll | | |
| BitBlt | Gdi32.dll | | |
| CreateToolhelp32Snapshot | Kernel32.dll | | |
| Process32First | Kernel32.dll | | |
| Process32Next | Kernel32.dll | | |
| DeviceIoControl | Kernel32.dll | | |
| GetComputerName | Kernel32.dll | | |
| QueryFullProcessImageNameW | Kernel32.dll | | |
| OpenProcess | Kernel32.dll | | |
| GetTickCount64 | Kernel32.dll | | |
| TerminateProcess | Kernel32.dll | | |
| GlobalAlloc | Kernel32.dll | | |
| GlobalUnlock | Kernel32.dll | | |
| GlobalFree | Kernel32.dll | | |
| GlobalLock | Kernel32.dll | | |
| WinExec | Kernel32.dll | | |
| CreateProcess | Kernel32.dll | | |
| GetLastError | Kernel32.dll | | |
| FindFirstFileW | Kernel32.dll | | |
| FindNextFileW | Kernel32.dll | | |
| FindClose | Kernel32.dll | | |
| Module32First | Kernel32.dll | | |
| Module32Next | Kernel32.dll | | |
| ReadProcessMemory | Kernel32.dll | | |
| VirtualQueryEx | Kernel32.dll | | |
| ExpandEnvironmentStrings | Kernel32.dll | | |
| CreateFile | Kernel32.dll | | |
| GetFileTime | Kernel32.dll | | |
| FileTimeToSystemTime | Kernel32.dll | | |
| FileTimeToLocalFileTime | Kernel32.dll | | |
| WNetOpenEnum | Mpr.dll | | |
| WNetEnumResource | Mpr.dll | | |
| WNetCloseEnum | Mpr.dll | | |
| NtQuerySystemInformation | NTDLL.DLL | | |
| NtQueryInformationProcess | NTDLL.DLL | | |
| NetUserEnum | Netapi32.dll | | |
| NtUserGetInfo | Netapi32.dll | | |