How can you implement APC-based DLL injection in C++?
The C++ implementation uses `QueueUserAPC` to add a function (like `LoadLibraryA`) to the APC queue of a target thread. The code opens the target process, allocates memory in it for the DLL path, writes the path there, then calls `QueueUserAPC` to execute the load. No remote thread is created, so Sysmon's Event ID 8 (CreateRemoteThread) is not logged. A full example is referenced in the article's C++ section, which successfully injects `testdll` into `calc.exe` without triggering alerts.
C++, DLL injection, QueueUserAPC, LoadLibrary, process injection