Malware is often using one of these 3 APIs to launch new processes:
- WinExec
- ShellExecute (Ansi and Wide versions)
- CreateProcess (Ansi and Wide versions + all CreateProcess* family e.g. CreateProcessInternal, CreateProcessAsUser, etc.)
Question:
There is at least one more API function that could be also used to launch executables. What is its name?
Have a good weekend!
Answer here