IOC Report
rSyDiExlek.exe

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\rSyDiExlek.exe | "C:\Users\user\Desktop\rSyDiExlek.exe" | malicious |

URLs


Domains

| Name | IP | Malicious |
| --- | --- | --- |
| checkip.dyndns.org | unknown | malicious |
| mail.privateemail.com | 198.54.122.135 | |
| reallyfreegeoip.org | 104.21.67.152 | |
| scratchdreams.tk | 172.67.169.18 | |
| checkip.dyndns.com | 132.226.247.73 | |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 104.21.67.152 | reallyfreegeoip.org | United States | |
| 172.67.169.18 | scratchdreams.tk | United States | |
| 198.54.122.135 | mail.privateemail.com | United States | |
| 132.226.247.73 | checkip.dyndns.com | United States | |

Registry


Memdumps
