ApiCall
Returns information about API calls.
Property |
Type |
Description |
Example |
|---|---|---|---|
ApiName |
String |
Name of the API called by the process |
Supported values are: •SetWinEventHook •RegisterRawInputDevices •SetWindowsHookEx •GetAsyncKeyState •CredEnumerate •CredReadDomainCredentials •CredFindBestCredential •CredRead •CredReadByTokenHandle •VaultEnumerateCredentials •RawSocketCreated (Linux only) •SocketFilterAttached (Linux only) |
Example:
<operations> <operation type="SystemApiCall"> <condition component="ApiCall" property="ApiName" condition="is" value="RegisterRawInputDevice" /> </operation> </operations> |
Supported Operations and their components:
|
ApiCall |
|---|---|
SystemApiCall |
X |