ApiCall

返回有关 API 调用的信息。

属性	类型	说明	示例
ApiName	Symbol	进程调用的 API 的名称	支持的值为： •0—SetWinEventHook •1—SetWindowsHookEx •2—RegisterRawInputDevices •3—GetAsyncKeyState •4—UiLimitWriteClipboard •5—UiWriteClipboard •6—CredEnumerate •7—CredReadDomainCredentials •8—CredFindBestCredential •9—CredBackupCredentials •10—CredRead •11—CredReadByTokenHandle •12—VaultEnumerateCredentials •21845—RawSocketCreated1 •21846—SocketFilterAttached1

属性

类型

说明

示例

ApiName

进程调用的 API 的名称

支持的值为：

•0—SetWinEventHook

•1—SetWindowsHookEx

•2—RegisterRawInputDevices

•3—GetAsyncKeyState

•4—UiLimitWriteClipboard

•5—UiWriteClipboard

•6—CredEnumerate

•7—CredReadDomainCredentials

•8—CredFindBestCredential

•9—CredBackupCredentials

•10—CredRead

•11—CredReadByTokenHandle

•12—VaultEnumerateCredentials

•21845—RawSocketCreated1

•21846—SocketFilterAttached1

1 仅限 Linux

示例

</operation>

</operations>

•SystemApiCall

˄˅