forked from Mr-Un1k0d3r/EDRs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sentinelone.txt
46 lines (46 loc) · 1.37 KB
/
sentinelone.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
KiUserApcDispatcher is hooked
LdrLoadDll is hooked
NtAllocateVirtualMemory is hooked
NtCreateThreadEx is hooked
NtCreateUserProcess is hooked
NtFreeVirtualMemory is hooked
NtLoadDriver is hooked
NtMapUserPhysicalPages is hooked
NtMapViewOfSection is hooked
NtOpenProcess is hooked
NtProtectVirtualMemory is hooked
NtQuerySystemInformation is hooked
NtQuerySystemInformationEx is hooked
NtQueueApcThread is hooked
NtQueueApcThreadEx is hooked
NtReadVirtualMemory is hooked
NtResumeThread is hooked
NtSetContextThread is hooked
NtSetInformationProcess is hooked
NtSetInformationThread is hooked
NtTerminateProcess is hooked
NtUnmapViewOfSection is hooked
NtWriteVirtualMemory is hooked
RtlAddVectoredExceptionHandler is hooked
RtlGetNativeSystemInformation is hooked
ZwAllocateVirtualMemory is hooked
ZwCreateThreadEx is hooked
ZwCreateUserProcess is hooked
ZwFreeVirtualMemory is hooked
ZwLoadDriver is hooked
ZwMapUserPhysicalPages is hooked
ZwMapViewOfSection is hooked
ZwOpenProcess is hooked
ZwProtectVirtualMemory is hooked
ZwQuerySystemInformation is hooked
ZwQuerySystemInformationEx is hooked
ZwQueueApcThread is hooked
ZwQueueApcThreadEx is hooked
ZwReadVirtualMemory is hooked
ZwResumeThread is hooked
ZwSetContextThread is hooked
ZwSetInformationProcess is hooked
ZwSetInformationThread is hooked
ZwTerminateProcess is hooked
ZwUnmapViewOfSection is hooked
ZwWriteVirtualMemory is hooked