About malware code, access the onboard memory is a very complicated if you don't have extensive knowledge of programming.
However, but this is not related to your specific question, the operating system exposes interfaces represented by the API and in general by the system calls.
As we know a keylogger can hook API like GetAsyncKeyState() for example, by reading your keystrokes, and then what you type on the keyboard