| ID | C0039 |
| Objective(s) | Process |
| Related ATT&CK Techniques | None |
| Version | 2.1 |
| Created | 4 December 2020 |
| Last Modified | 30 April 2024 |
Malware terminates a thread.
| Tool: capa | Mapping | APIs |
|---|---|---|
| terminate thread | Terminate Thread (C0039) | kernel32.TerminateThread, PsTerminateSystemThread, System.Threading.Thread.Abort |
Process::Terminate Thread
SHA256: 27253651170386863b148afb2a0fdda7780ae65cbc31405acbd99fa06b44b79f Location: 0x14000395Bmov param_1, qword ptr [DAT_14000ca58] ; thread to terminate xor param_2, param_2 ; set the thread's exit status to 0 call qword ptr [->KERNEL32.DLL::TerminateThread] ; call the Windows API function to terminate the thread