The injection of malicious code into a running process by loading a DLL (dynamic link library) that contains malicious code
APC injection
The injection of malicious code into a running process by queuing an asynchronous procedure call (APC) to a thread in the target process and then modifying the APC to point to the malicious code
Atom bombing
Used to inject and execute malicious code in the address space of a legitimate process by manipulating the global atom table, a Windows data structure used for storing strings and other data
ALPC injection
The injection of malicious code into a remote process by exploiting vulnerabilities in the Windows Advanced Local Procedure Call (ALPC) interface
Process Hollowing
A technique used by malware to evade detection and launch a malicious payload by creating a new process in a suspended state and then replacing its executable code with malicious code
Process doppelganging
A technique used by malware to evade detection by creating a new process with a legitimate executable and then replacing its memory with malicious code before it starts running
Reflective PE injection
A technique used to load a PE (Portable Executable) file directly from memory without writing it to disk, which can help evade detection
Thread execution hijacking
The hijacking of a thread in a legitimate process by modifying its context to execute malicious code instead of legitimate code
Kernel callback table injection
The injection of malicious code into the kernel by modifying the kernel callback table, which is used by the operating system to notify drivers and other kernel components of certain events
Propagate injection
A technique used to propagate the malicious code to other processes or systems by injecting it into legitimate processes and then using them to inject other processes