One Day Sec

What are the key steps to implement Process Doppelgänging?

First, create an NTFS transaction using `NtCreateTransaction`. Then, fill the transaction with the payload using `CreateFileTransacted` and `NtCreateSection`. Next, launch the payload as a process with `NtCreateProcessEx` and `NtCreateThreadEx`. Finally, roll back the transaction with `NtRollbackTransaction` to remove traces. This sequence makes the payload invisible to security products during execution. Details are covered in the Introduction to Process Doppelgänging Exploitation.
