← Back to malware index
PrintNightmare exploits (CVE-2021-1675 / 34527)
Attributions are based on open-source threat reports. A family appearing here means at least one syscall record cites it; absence does not imply non-use.
3 syscalls cited
- NtAlpcCreatePort
Creates a server-side ALPC connection port that clients can reach with NtAlpcConnectPort.
- NtAlpcConnectPort
Establishes a client ALPC connection to a named server port and exchanges an initial message.
- NtAlpcSendWaitReceivePort
Sends an ALPC message on a port and optionally waits for a reply or the next inbound message.