Event Examples

Page show examples of some of the events exposed through JonMon

Event ID 1 - Process Create

Event ID 2 - Process Open

Event ID 4 - Image Load

Event ID 5 - Registry Create Key

Event ID 6 - Registry Delete Key

Event ID 7 - Registry Set Value

Event ID 8 - Process ReParenting

Event ID 11 - RPC Client Call

Event ID 12 - RPC Server Call

Event ID 13 - Network Connection

HTTPS Beacon

HTTP Beacon

Event ID 17 - Thread Impersonation

Event ID 21 - File Create

Event ID 23 - NamedPipe Create

Event ID 25 - WMI Event Subscription

Event ID 26 - QueueUserAPC

Event ID 27 - Driver Load

Event ID 29 - Process Write

Event ID 30 - Process Read

Event ID 31 - Thread Token Impersonation