Should I remove “Cerbu.124955”?

The Cerbu.124955 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Cerbu.124955 virus can do?

Possible date expiration check, exits too soon after checking local time
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Cerbu.124955?


File Info:
name: B5729D52EFC0FCC3FCA3.mlw
path: /opt/CAPEv2/storage/binaries/476710b1ea6aff26f43e9abf8eb41eb936413a9b5ca673e9755e2aea6a7093ff
crc32: A3402734
md5: b5729d52efc0fcc3fca3e32a93298dfe
sha1: 182353e7f555c7da0d0c60bf07303cb871a5c1ce
sha256: 476710b1ea6aff26f43e9abf8eb41eb936413a9b5ca673e9755e2aea6a7093ff
sha512: 145ae013c14810acdff0778486119311050b269cb85441b8bd0f3afb882a674b109ab82608bf33742d0f922ffdecd7266afb57d7fb9a5283e9f6bb6fe291144d
ssdeep: 12288:2PFHKm77L7UskshzVCTGnaQgKTpVj3aYeiveC8omNZHsyClgmw6zxV7HN:2PFqifUskcITGPTp/w/rG
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T11A355B13B550D03AC4622AB0595DCBF5E934EE161F1195C76BE83F983F31AE2A43932B
sha3_384: 7c9b33ddc1eca1c381cb611a330936b6bb50379aae20cc9244158ee2defe5e82d1e77b25030c05fad4c545d3ee644e57
ep_bytes: 4883ec28ff15464000000fb7086685c9
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Cerbu.124955 also known as:

Lionic	Trojan.Win32.Cerbu.4!c
MicroWorld-eScan	Gen:Variant.Cerbu.124955
FireEye	Gen:Variant.Cerbu.124955
ALYac	Gen:Variant.Cerbu.124955
Cylance	Unsafe
CrowdStrike	win/malicious_confidence_90% (W)
K7GW	Trojan ( 0056e5201 )
K7AntiVirus	Trojan ( 0056e5201 )
Cyren	W64/Ipamor.CZ.gen!Eldorado
APEX	Malicious
Paloalto	generic.ml
BitDefender	Gen:Variant.Cerbu.124955
Ad-Aware	Gen:Variant.Cerbu.124955
Sophos	Generic ML PUA (PUA)
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Gen:Variant.Cerbu.124955 (B)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Cerbu.124955
Jiangmin	Worm.AutoRun.awtz
Antiy-AVL	Trojan/Generic.ASMalwS.347E901
Gridinsoft	Ransom.Win64.Sabsik.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
McAfee	Artemis!B5729D52EFC0
MAX	malware (ai score=84)
TrendMicro-HouseCall	TROJ_GEN.R002H09L621
Fortinet	W64/Agent.82F7!tr
MaxSecure	Trojan.Malware.121218.susgen

How to remove Cerbu.124955?

Cerbu.124955 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X