← Back to malware index
PoolParty (timer-queue variants)
Attributions are based on open-source threat reports. A family appearing here means at least one syscall record cites it; absence does not imply non-use.
3 syscalls cited
- NtCreateTimer2
Creates a modern high-resolution timer object supporting manual-reset and no-wake flags in one call.
- NtSetTimer2
Arms a Timer2 object with a due time, optional period and a T2_SET_PARAMETERS block describing callback and flags.
- NtCancelTimer2
Cancels a previously armed Timer2 object and reports whether it was still pending.