CreateProcessW
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
|---|---|---|---|---|
| Process Hollowing, RunPE | U1225 E1055.012 | |||
| APC injection | U1221 E1055.004 | |||
| File Melt | U1007 | |||
| ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 | |||
| NLS Code Injection Through Registry | U1237 |
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| Greenshot-INSTALLER-1.2.10.6-RELEASE.exe | 3 | 2024-11-24 | 2 days, 20 hours ago |
| satan_ransomware.exe | 10 | 2024-11-30 | 3 weeks, 1 day ago |
| DittoSetup_64bit_3_24_246_0.exe | 4 | 2024-11-26 | 3 weeks, 4 days ago |
| CyberLink_PowerDVD_Downloader (1).exe | 3 | 2024-11-25 | 3 weeks, 5 days ago |
| mediacreationtool.exe | 4 | 2024-11-25 | 3 weeks, 5 days ago |
| setupbatterycare.exe | 4 | 2024-11-25 | 3 weeks, 6 days ago |
| MSTeamsSetup.exe | 4 | 2024-11-25 | 3 weeks, 6 days ago |
| Microsoft Store.exe | 4 | 2024-11-23 | 4 weeks ago |
| procexp.exe | 6 | 2024-11-21 | 1 month ago |
| implant.exe | 6 | 2024-11-18 | 1 month ago |