What is “Cerbu.112574 (B)”?

The Cerbu.112574 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Cerbu.112574 (B) virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Cerbu.112574 (B)?


File Info:
name: DCFCC9F6144FF35631F1.mlw
path: /opt/CAPEv2/storage/binaries/4269f4e661194c2fd844d1366720314f49111e62c842d37a8f14a9a175a6f5b7
crc32: D76BB1C8
md5: dcfcc9f6144ff35631f1b59a6dd03213
sha1: b898da7e9fcd18686021ef41b34d5d126b946c5d
sha256: 4269f4e661194c2fd844d1366720314f49111e62c842d37a8f14a9a175a6f5b7
sha512: 2deabb6188dadc39cad25d08a08d41ed7aea4c60bb26379856995dc86d30d6356df08471f6a9123fb71ff5a5af2c7c539cdf158fd68e979927c5e1c8ebcbde6e
ssdeep: 12288:fi2mk1TV8DZ3YkSXRqQY5ZrGDkgQvnElkSXRqQY5ZrGDkgQvXV:h158DZotXQQYHa/yQtXQQYHa/yF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F915F11571428B9DEA3E0BBD45A1C53013E29F16D220D7AF7EC8FE977AB76028B48D14
sha3_384: 65a105ce87795f54e90a98812861b0f586b417038dcf3a9684ca094e72f3787fa4aaeb573243609be41969fe98c4fce6
ep_bytes: ff250020400000000000000000000000
timestamp: 2015-06-21 10:25:19

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Bitcoin Generator Ultimate
FileVersion: 5.0.1.4
InternalName: Bitcoin Generator.exe
LegalCopyright: Copyright ©  2017
LegalTrademarks: 
OriginalFilename: Bitcoin Generator.exe
ProductName: Bitcoin Generator
ProductVersion: 5.0.1.4
Assembly Version: 5.0.1.4

Cerbu.112574 (B) also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.FakeTool.4!c
DrWeb	Trojan.BtcMine.1148
MicroWorld-eScan	Gen:Variant.Cerbu.112574
FireEye	Gen:Variant.Cerbu.112574
ALYac	Gen:Variant.Cerbu.112574
Zillya	Trojan.FakeTool.Win32.2652
Sangfor	Trojan.Win32.Faketool.Vxqg
CrowdStrike	win/grayware_confidence_60% (W)
Alibaba	Trojan:MSIL/FakeTool.808634ef
BitDefenderTheta	Gen:NN.ZemsilF.36744.4m0@a059d3h
Symantec	Trojan.Gen.MBT
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of MSIL/FakeTool.AQD
BitDefender	Gen:Variant.Cerbu.112574
NANO-Antivirus	Trojan.Win32.BtcMine.erjojp
Avast	Win32:Malware-gen
Tencent	Malware.Win32.Gencirc.115dfad5
Emsisoft	Gen:Variant.Cerbu.112574 (B)
F-Secure	Heuristic.HEUR/AGEN.1351517
VIPRE	Gen:Variant.Cerbu.112574
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.FakeTool
GData	Gen:Variant.Cerbu.112574
Webroot	W32.Trojan.Gen
Google	Detected
Avira	HEUR/AGEN.1351517
Varist	W32/Ursu.FV.gen!Eldorado
Antiy-AVL	Trojan/Win32.BTSGeneric
Arcabit	Trojan.Cerbu.D1B7BE
Microsoft	Trojan:Win32/Wacatac.B!ml
MAX	malware (ai score=86)
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/GdSda.A
Rising	Trojan.Faketool!8.2FA (CLOUD)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.184495761.susgen
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove Cerbu.112574 (B)?

Cerbu.112574 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X