CreateProcessA
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Categories | Snippet(s) | Rules(s) |
|---|---|---|---|---|
| Process Hollowing, RunPE | U1225 E1055.012 |
|
||
| APC injection | U1221 E1055.004 |
|
||
| File Melt | U1007 |
|
||
| Access Token Manipulation: Parent PID Spoofing | U1234 T1134.004 |
|
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| merged.exe | 6 | 2026-04-24 | 1 day, 19 hours ago |
| rlm1611_http.dll | 6 | 2025-11-22 | 1 month ago |
| loader_complete.exe | 10 | 2026-01-27 | 2 months, 4 weeks ago |
| eState-2026-ZM4RXTVD.exe | 3 | 2026-01-20 | 3 months ago |
| NVTArk_Free_Setup.exe | 3 | 2026-01-18 | 3 months ago |
| steamcmd.exe | 5 | 2025-11-02 | 5 months, 3 weeks ago |
| program.exe | 6 | 2025-10-01 | 6 months, 3 weeks ago |
| DNS-C2.exe84-rednefed-swodniw-8snoci.exe | 6 | 2025-09-23 | 7 months ago |
| rlm1611_http.dll | 6 | 2025-09-22 | 7 months ago |
| test.exe | 8 | 2025-09-20 | 7 months ago |