Resources used when a threat is created vs a process that’s created
What's the difference between the resources that are used when a threat is created and a process is created?
What's the difference between the resources that are used when a threat is created and a process is created?
Process
A process is an instance of a computer program that is being executed. A process has a virtual address space, executable code, open handles to system objects, a security context, a unique process identifier, environment variables, a priority class, minimum and maximum working set sizes, and at least one thread of execution. Each process is started with a single thread, often called the primary thread, but can create additional threads from any of its threads.
Thread
A thread is the entity that is contained inside a process. Multiple threads can exist within the same process and share resources such as memory. In addition, each thread maintains exception handlers, a scheduling priority, thread local storage, a unique thread identifier, and a set of structures the system will use to save the thread context until it is scheduled. The thread context includes the thread's set of machine registers, the kernel stack, a thread environment block, and a user stack in the address space of the thread's process. Threads can also have their own security context, which can be used for impersonating clients.