CreateProcessA
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
|---|---|---|---|---|
| Process Hollowing, RunPE | U1225 E1055.012 | |||
| APC injection | U1221 E1055.004 | |||
| File Melt | U1007 | |||
| Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 |
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| hemlockwin.exe | 8 | 2025-08-06 | 1 week ago |
| Real Ghost Hollowing Test Notepad Calc.exe | 6 | 2025-07-05 | 1 month, 1 week ago |
| DellDockFirmwarePackage_WD19_WD22_Series_HD22_01.00.31.exe | 6 | 2025-06-12 | 2 months ago |
| tel.exe | 13 | 2025-06-01 | 2 months, 1 week ago |
| q.apk.exe | 8 | 2025-05-30 | 2 months, 2 weeks ago |
| cobalt_sample.exe | 13 | 2025-05-25 | 2 months, 2 weeks ago |
| flushes.exe | 7 | 2025-05-24 | 2 months, 2 weeks ago |
| ZAP.exe | 6 | 2025-04-26 | 3 months, 2 weeks ago |
| noui.exe | 8 | 2025-02-20 | 5 months, 3 weeks ago |
| processhacker-2.39-setup.exe | 3 | 2025-01-26 | 6 months, 2 weeks ago |