APC injection involves attaching malicious code to the process’s thread. Functions in APC are executed when the thread enters an alterable state during execution. A variation of APC injection, dubbed “Early Bird injection”, involves creating a suspended process in which malicious code can be written and executed before the process’ entry point through an APC.