About “Cerbu.121872” infection

The Cerbu.121872 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Cerbu.121872 virus can do?

Authenticode signature is invalid
Anomalous binary characteristics

How to determine Cerbu.121872?


File Info:
name: 98847D4A15F0165F4AA7.mlw
path: /opt/CAPEv2/storage/binaries/fc86c30274a12c9f4f819d75ea5c9549d636bdb7065e2a7302e56d25dc59d04c
crc32: 0C99BCFF
md5: 98847d4a15f0165f4aa7cf92c4838740
sha1: 2f285bb8a7ed6710d5777e87f9d78ae74b051668
sha256: fc86c30274a12c9f4f819d75ea5c9549d636bdb7065e2a7302e56d25dc59d04c
sha512: c1d7193269c3ad52b78bdde9a259febbc1ff2f434cc0adc79cecf3bc8abf2a83ba44de1873cb57814906f25054b072c008d1e518998351304770bc213aa1f6b7
ssdeep: 768:als7+nto0vWpxZEiPu8Hswp77FNX30P+cPa/E6sBmBU:+++t7vWpxZEiG8MwpfF130/zCU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T137F24C97ABA840F6E43B5134C6D16222B970B8BD173943CB32AD660A3F723F4953D706
sha3_384: b40d80569d9f6d1ecf53514ba3d3f7aad91603934e70052d64a3795637b365bd39ff94c83d4fb62d3ba965d38bc18c0e
ep_bytes: 0d9af3ffffff1524eeffff488d0dbdf3
timestamp: 2001-08-17 20:50:29

Version Info:
0: [No Data]

Cerbu.121872 also known as:

Bkav	W32.AIDetect.malware1
MicroWorld-eScan	Gen:Variant.Cerbu.121872
FireEye	Generic.mg.98847d4a15f0165f
ALYac	Gen:Variant.Cerbu.121872
Cylance	Unsafe
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_GEN.R002H09KN21
BitDefender	Gen:Variant.Cerbu.121872
Ad-Aware	Gen:Variant.Cerbu.121872
Emsisoft	Gen:Variant.Cerbu.121872 (B)
McAfee-GW-Edition	BehavesLike.Win32.Generic.nm
Sophos	ML/PE-A
Ikarus	Trojan.Win32.Rbot
GData	Gen:Variant.Cerbu.121872
MAX	malware (ai score=84)
Gridinsoft	Ransom.Win32.Wacatac.sa
Arcabit	Trojan.Cerbu.D1DC10
APEX	Malicious
Microsoft	Program:Win32/Uwamson.A!ml
Cynet	Malicious (score: 100)
McAfee	Artemis!98847D4A15F0
Rising	Malware.Heuristic!ET#87% (RDMK:cmRtazpZDfEpKejFqd5BR8yixqZN)
CrowdStrike	win/malicious_confidence_60% (W)
MaxSecure	Trojan.Malware.300983.susgen

How to remove Cerbu.121872?

Cerbu.121872 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X