CreateProcessW
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
|---|---|---|---|---|
| Process Hollowing, RunPE | U1225 E1055.012 | |||
| APC injection | U1221 E1055.004 | |||
| File Melt | U1007 | |||
| ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 | |||
| NLS Code Injection Through Registry | U1237 |
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| procexp.exe | 6 | 2024-11-21 | 12 hours, 7 minutes ago |
| implant.exe | 6 | 2024-11-18 | 4 days, 3 hours ago |
| Tirexdel v1.1.1.exe | 4 | 2024-11-17 | 4 days, 7 hours ago |
| KnightOnLine.exe | 7 | 2024-11-17 | 4 days, 11 hours ago |
| chelentano.exe | 5 | 2024-11-16 | 5 days, 20 hours ago |
| Sublime Text Build 3211 x64 Setup.exe | 3 | 2024-11-16 | 6 days, 4 hours ago |
| 7tt_setup.exe | 3 | 2024-11-15 | 6 days, 13 hours ago |
| Desktops.exe | 7 | 2024-11-14 | 1 week ago |
| 9124d7696d2b94e7959933c3f7a8...ce29cd5934a4d0379c2193b126be | 8 | 2024-11-14 | 1 week ago |
| malw_test.exe | 5 | 2024-11-14 | 1 week ago |