NtDuplicateObject

NtDuplicateObject is used to create a handle that is a duplicate of the specified source handle. Malware can use this function to obtain the necessary access rights to a process via duplicating its handle, and subsequently kill a process or inject into it.

Ntdll.dll

Injection

http://undocumented.ntinternals.net/index.html?page=UserMode%2FUndocumented%20Functions%2FNT%20Objects%2FType%20independed%2FNtDuplicateObject.html