CreateProcessA
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
|---|---|---|---|---|
| Process Hollowing, RunPE | U1225 E1055.012 | |||
| APC injection | U1221 E1055.004 | |||
| File Melt | U1007 | |||
| Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 |
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| 8126a59c84aad134868c842eabc2...204cd859e6322d22ce5a3b937e2a | 5 | 2024-11-19 | 2 days, 4 hours ago |
| 57e0cadabe82b0c02a5d4606b0a3...6672d88e5a1ea4651969392c290b | 12 | 2024-11-19 | 2 days, 6 hours ago |
| 23b1971659b16e186f9e1b36d8bc...e512b346e78f77dc314503aac59a | 13 | 2024-11-19 | 2 days, 6 hours ago |
| 1445a6fae415ff8b97807309ed6d...29636ba6a100dbcf3e3e04924790 | 7 | 2024-11-19 | 2 days, 6 hours ago |
| KnightOnLine.exe | 7 | 2024-11-17 | 4 days ago |
| cascade-injection.exe | 6 | 2024-11-17 | 4 days, 7 hours ago |
| Pafish 0.6.exe | 10 | 2024-11-13 | 1 week, 1 day ago |