MalAPI.io
Contribute
FAQ
Other
Living Off Trusted Sites
Filesec.io
Security Blog
Function Name
RtlSetProcessIsCritical
Description
RtlSetProcessIsCritical is used to set a process to a system critical status. This function is used by malware to prevent the process from being terminated.
Library
Ntdll.dll
Associated Attacks
Helper
Documentation
https://www.codeproject.com/Articles/43405/Protecting-Your-Process-with-RtlSetProcessIsCriti
Created: 2021-10-30
Last Update: 2021-10-30
Credits: mr.d0x