62RR45S6XR.EXE is Trojan Dropper.Dorifel

July 26, 2012 by NightWatcher
Filed under: Malware (Solved!)

Fix it immediately:

The file 62RR45S6XR.EXE is identified as a malware dropper.
The dropper 62RR45S6XR.EXE downloads and installs other malware (Trojans, viruses) according to commands received from its command-and-control server.
The file 62RR45S6XR.EXE loads itself into memory and attempts to connect to a malicious web site.
The 62RR45S6XR.EXE dropper usually does not infect other files on the computer and does not replicate itself to other computers.
Terminate the 62RR45S6XR.EXE process and delete the file 62RR45S6XR.EXE.

Malware Analysis of 62RR45S6XR.EXE
Full path on a computer: %Profile%\62rr45s6xr.exe

Detected by UnHackMe:

Item Name: Regedit32
Author:
Related File: %SysDir%\regedit.exe
Type: Registry Run

Item Name: Rootkit: NECURS
Author: Unknown
Related File:
Type: Devices in Memory

Detected by RegRun Warrior:

Item Name: Regedit32
Author:
Related File: %SysDir%\regedit.exe
Type: Registry Run

Item Name: 3ff0567d9a512d06
Author:
Related File: %SYSDIR%\DRIVERS\3FF0567D9A512D06.SYS
Type: Drivers

Removal Results: Success
Number of reboots: 2

62RR45S6XR.EXE is known as:

Trojan.Dropper.Dorifel

62RR45S6XR.EXE hash:

  • MD5: ff1cd21044f1659728480a5bff1d8aa9
How to quickly detect the presence of 62RR45S6XR.EXE:

Registry:
  • HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Regedit32: "%SysDir%\regedit.exe"
  • HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\MaxUserPort: 0x0000FFFE
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\62rr45s6xr: "%Profile%\62rr45s6xr.exe"
Files:
  • %Profile%\62rr45s6xr.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by Malware Hunter.
