Dnrepairer.exe [repack] Jun 2026

INFO * Application launched itself. chrome.exe (PID: 1164) msedge.exe (PID: 6068) * Reads the computer name. LDPlayer9_ens_1001_ld... ANY.RUN Malware analysis LDPlayer_en_3013_600.exe Malicious ... ldinst.exe (PID: 3732) dnplayer.exe (PID: 3800) dnrepairer.exe (PID: 2996) Reads the machine GUID from the registry. LDPlayer_en_3... ANY.RUN Automated Malware Analysis Report for ... - Joe Sandbox Contains functionality to query locales information (e.g. system language). Uses code obfuscation techniques (call, push, ret). PE... Joe Sandbox Viewing online file analysis results for 'dnrepairer.exe' * Reads information about supported languages. * Reads the cryptographic machine GUID. * 1 confidential indicators. Hybrid Analysis Malware analysis LDPlayer9_ru_25567197_ld.exe Malicious activity Sep 11, 2025 —

It may invoke regsvr32.exe to register internal libraries. Security Assessment dnrepairer.exe

Here is detailed content about dnrepairer.exe , broken down for different audiences (general user, IT pro, and security analyst). INFO * Application launched itself

dnrepairer.exe is a digital parasite. It relies on social engineering—frightening the user into believing their hardware is failing—to generate profit. If you find this file on your system, immediate removal is recommended. Uses code obfuscation techniques (call

In most cases, when it is located within the official LDPlayer folder. However, because it modifies system-level settings like Hyper-V, it can sometimes trigger "false positive" alerts from antivirus software:

: Some automated sandboxes have given it a moderate threat score because it uses net.exe to manage system services, a behavior sometimes seen in malicious software .