Analysis
-
max time kernel
40s -
max time network
145s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system -
submitted
08-09-2022 05:12
Behavioral task
behavioral1
Sample
bELd.exe
Resource
win7-20220812-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
bELd.exe
Resource
win10v2004-20220812-en
1 signatures
150 seconds
General
-
Target
bELd.exe
-
Size
24KB
-
MD5
d3de9be2e9bbce1dcb62d74046e2472f
-
SHA1
37279112b56bcde819ab22467eddce8d0f205be8
-
SHA256
32b0c48d95e9c4ef2860368bee244489b6e321119d4a51fafa7d9f755e0eee99
-
SHA512
1ef2335788648a75010a8078a6d2194b5f57d72e0159c59f7a74df89e8e2298044eb5c2a751de1ef550e785929c952a1f7e8e1c73c24834019f49624ff7c4097
-
SSDEEP
192:gX+8Pa9S8kjYTDGgbcp4LlTNISAfF9aEOnryD91ABkGxVXdqoNARJk:gXP/jYTDGggpKNI3fJWyDbAnx2oNn
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes:
bELd.exedescription ioc process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0 bELd.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString bELd.exe