CreateProcessW
Read documentation
Through official Microsoft Developer Network (MSDN).
Featured in Techniques
| Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
|---|---|---|---|---|
| Process Hollowing, RunPE | U1225 E1055.012 | |||
| APC injection | U1221 E1055.004 | |||
| File Melt | U1007 | |||
| ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 | |||
| NLS Code Injection Through Registry | U1237 |
Matching Samples 10 most recent
| Sample Name | Matching Techniques | First Seen | Last Seen |
|---|---|---|---|
| ri_setup_full4134_UjiwJcEu.exe | 7 | 2025-10-02 | 5 days, 19 hours ago |
| chrome_pwa_launcher.exe | 5 | 2025-09-24 | 1 week, 6 days ago |
| rlm1611_http.dll | 6 | 2025-09-22 | 2 weeks, 1 day ago |
| hid-tools.dll | 13 | 2025-09-22 | 2 weeks, 2 days ago |
| Yandex.exe | 8 | 2025-09-20 | 2 weeks, 3 days ago |
| VNC-Viewer-7.15.0-Windows-64bit.exe | 5 | 2025-09-04 | 1 month ago |
| LINTools.exe | 4 | 2025-08-26 | 1 month, 1 week ago |
| 0b98de4fbe9e42aa1b79f642c241...ac19b3fc5400705cfba61968.exe | 5 | 2025-08-13 | 1 month, 3 weeks ago |
| reshacker_setup.exe | 4 | 2025-08-09 | 1 month, 4 weeks ago |
| 131da83b521f610819141d5c7403...abb22ef504a7593955a65f07.exe | 9 | 2025-06-12 | 3 months, 3 weeks ago |