Malware uses various API calls to interact with the system, and in this chapter, you learned how API calls are used by the malicious binary to implement various functionalities. This chapter also covered different persistent techniques used by the adversaries, which allow them to reside on the victim's system even after a system reboot (some of these techniques allow a malicious binary to execute code with high privileges).

In the next chapter, you will learn about different code injection techniques used by the adversaries to execute their malicious code within the context of a legitimate process.