The ProcessTreeType captures the process tree for the malware instance, including the parent process and processes spawned by it, along with any Actions initiated by each.
| Field Name | Type | Description |
|---|---|---|
| Root_Process1..1 | ProcessTreeNodeType |
The Root_Process field captures the root process in the process tree. |
