CreateProcessA
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
|---|---|---|---|---|
| Process Hollowing, RunPE | U1225 E1055.012 | |||
| APC injection | U1221 E1055.004 | |||
| File Melt | U1007 | |||
| Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 |
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| noui.exe | 8 | 2025-02-20 | 1 month, 1 week ago |
| processhacker-2.39-setup.exe | 3 | 2025-01-26 | 2 months ago |
| Voice.ai-Downloader.exe | 7 | 2025-01-13 | 2 months, 2 weeks ago |
| 0b863912f72efc4e514d3165e6ae...821dfa56a1fd545dba5960f6.exe | 3 | 2025-01-11 | 2 months, 2 weeks ago |
| kernel32.dll | 13 | 2024-12-30 | 3 months ago |
| test.exe | 7 | 2024-12-06 | 3 months, 3 weeks ago |
| ejecutablehex01~Rip_dump_SCY.exe.hex | 5 | 2024-11-24 | 4 months, 1 week ago |
| Microsoft Store.exe | 4 | 2024-11-23 | 4 months, 1 week ago |
| 8126a59c84aad134868c842eabc2...204cd859e6322d22ce5a3b937e2a | 5 | 2024-11-19 | 4 months, 1 week ago |
| 57e0cadabe82b0c02a5d4606b0a3...6672d88e5a1ea4651969392c290b | 12 | 2024-11-19 | 4 months, 1 week ago |