specify thread that a NT API belongs to

[william-vu]

Hi all, Cuckoo intercepts and logs the name and arguments of NT APIs. Is this possible to log the thread ID that calls these APIs? Thank you

[kevoreilly]

As far as I know there should be a 'TID' column in the behavioural analysis (or API) logs with the thread ID for each call.