CreateProcessA

Medium Caution Level
4 Techniques Count
Kernel32.dll Library Name
Read documentation

Through official Microsoft Developer Network (MSDN).

Featured in Techniques

Technique Name Technique ID's Snippet(s) Rules(s) OS
Process Hollowing, RunPE U1225 E1055.012
APC injection U1221 E1055.004
File Melt U1007
Access Token Manipulation: Parent PID Spoofing U1234 T1134.004

Matching Samples 10 most recent

Sample Name Matching Techniques First Seen Last Seen
program.exe 6 2025-10-01 1 week, 1 day ago
DNS-C2.exe84-rednefed-swodniw-8snoci.exe 6 2025-09-23 2 weeks, 2 days ago
rlm1611_http.dll 6 2025-09-22 2 weeks, 3 days ago
test.exe 8 2025-09-20 2 weeks, 5 days ago
presenter_lib.dll 5 2025-08-16 1 month, 3 weeks ago
hemlockwin.exe 8 2025-08-06 2 months ago
Real Ghost Hollowing Test Notepad Calc.exe 6 2025-07-05 3 months ago
DellDockFirmwarePackage_WD19_WD22_Series_HD22_01.00.31.exe 6 2025-06-12 3 months, 3 weeks ago
tel.exe 13 2025-06-01 4 months, 1 week ago
q.apk.exe 8 2025-05-30 4 months, 1 week ago
View All