THREAT OPS › Threat News › A Deep Dive into the GetProcessHandleFromHwnd API
A Deep Dive into the GetProcessHandleFromHwnd API
<p>In my previous blog post I mentioned the <a href="https://learn.microsoft.com/en-us/windows/win32/winauto/getprocesshandlefromhwnd"><code class="language-plaintext highlighter-rouge">GetProcessHandleFromHwnd</code></a> API. This was an API I didn’t know existed until I found a publicly disclosed <a href="https://github.com/R41N3RZUF477/QuickAssist_UAC_Bypass">UAC bypass</a> using the Quick Assi
Attributed threat actors
- Earth LuscaG1006
Indicators of compromise
- CVE-2023-41772cve
- https://www.tiraniddo.dev/2019/02/accessing-access-tokens-for-uiaccess.htmlurl
- https://googleprojectzero.blogspot.com/2018/11/url
- https://infosec.exchange/@tiraniddo/115539156769921108url
Original source: https://projectzero.google/2026/02/gphfh-deep-dive.html