In this section we will take about the how to perform code injection using Asynchronous procedure call

Now, Let’s Get Deeper to the APC Code Injection.

• First, We Need to find the process where we can Inject our payload.
• Second, Find all threads in that function.
• Third, Allocate free memory in that process.
• Fourth, Write the payload to the free memory.
• Fifth, Now here comes the part for APC we will Queue for all threads.

Now, Let’s Get More Deeper.

Assume we have those two process.

1. We have Malware Process.
2. Legitimate Process.

We will put the Legitimate Process in Sleep State.

Then We Will Queue Our APC Function.

Notice that the APC Function is now Queued.