CreateProcessW
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
---|---|---|---|---|
Process Hollowing, RunPE | U1225 E1055.012 | |||
APC injection | U1221 E1055.004 | |||
File Melt | U1007 | |||
ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 | |||
NLS Code Injection Through Registry | U1237 |
Matching Samples 10 most recent
Sample Name | Matching Techniques | First Seen | Last Seen |
---|---|---|---|
get_hwid.exe | 4 | 2025-03-15 | 2 weeks, 1 day ago |
Setup.exe | 4 | 2025-02-12 | 1 month, 2 weeks ago |
hmpalert pre-patched.exe | 7 | 2025-02-12 | 1 month, 2 weeks ago |
WNetWatcher.exe | 4 | 2025-02-06 | 1 month, 3 weeks ago |
Stellaris v2.3.0-v3.12.5 Plus 24 Trainer.exe | 8 | 2025-01-18 | 2 months, 1 week ago |
ZClient.exe | 12 | 2025-01-13 | 2 months, 2 weeks ago |
npp.8.7.5.Installer.x64.exe | 3 | 2024-12-30 | 3 months ago |
Eraser 6.2.0.2993.exe | 4 | 2024-12-24 | 3 months ago |
Greenshot-INSTALLER-1.2.10.6-RELEASE.exe | 3 | 2024-11-24 | 3 months, 1 week ago |
satan_ransomware.exe | 10 | 2024-11-30 | 4 months ago |