# CreateRemoteThread

CreateRemoteThread는 다른 프로세스의 가상 주소 공간에서 실행되는 스레드를 생성하는 기법으로, 주로 프로세스 인젝션에서 사용되는 함수입니다.

```cpp
HANDLE CreateRemoteThread(
  [in]  HANDLE                 hProcess,
  [in]  LPSECURITY_ATTRIBUTES  lpThreadAttributes,
  [in]  SIZE_T                 dwStackSize,
  [in]  LPTHREAD_START_ROUTINE lpStartAddress,
  [in]  LPVOID                 lpParameter,
  [in]  DWORD                  dwCreationFlags,
  [out] LPDWORD                lpThreadId
);
```

<table><thead><tr><th width="183">인자</th><th width="241">설명</th><th>보편적인 값</th></tr></thead><tbody><tr><td>hProcess</td><td>대상 프로세스 핸들</td><td></td></tr><tr><td>lpThreadAttributes</td><td>스레드의 보안 속성</td><td>NULL</td></tr><tr><td>dwStackSize</td><td>생성할 스레드의 스택 크기</td><td>0(PE 기본 스택 크기 사용)</td></tr><tr><td>lpStartAddress</td><td>실행할 함수의 이름/주소</td><td></td></tr><tr><td>lpParameter</td><td>함수에 전달할 매개변수</td><td></td></tr><tr><td>dwCreationFlags</td><td>생성 플래그</td><td>0 : 즉시 실행<br>CREATE_SUSPENDED : 일시 정지</td></tr><tr><td>lpThreadId</td><td>스레드 ID를 받을 포인터</td><td>변수 지정</td></tr></tbody></table>

## Example

## References


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.pentestwiki.com/defense-evasion/windows-api/createremotethread-1.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.