Process Doppelg..nging works on all modern versions of Microsoft Windows operating system, starting from Windows Vista to the latest version of Windows 10. The new fileless code injection technique takes advantage of a built-in Windows function and an undocumented implementation of Windows process loader. The researchers tested their attack on security products from Windows Defender, Kaspersky Labs, ESET NOD32, Symantec, Trend Micro, Avast, McAfee, AVG, Panda, and even advance forensic tools.
Source: https://thehackernews.com/2017/12/malware-process-doppelganging.html