Cerbu.125312 (B) removal tips

Cerbu.125312 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Cerbu.125312 (B) virus do?

  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Cerbu.125312 (B)?


File Info:

name: D192429498D5F9B280BC.mlw
path: /opt/CAPEv2/storage/binaries/92329a37229d07abaddf6f6bc2d7586afeab42be9ba2ffc173ce0f650b6189c7
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff250020400000000000000000000000
timestamp: 2099-05-21 20:43:20

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Попытка223
FileVersion: 1.0.0.0
InternalName: FACEITInstaller_x64.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: FACEITInstaller_x64.exe
ProductName: Попытка223
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Cerbu.125312 (B) also known as:

Lionic: Trojan.Win32.Cerbu.4!c
MicroWorld-eScan: Gen:Variant.Cerbu.125312
FireEye: Gen:Variant.Cerbu.125312
ALYac: Gen:Variant.Cerbu.125312
K7AntiVirus: Password-Stealer ( 0058ba381 )
K7GW: Password-Stealer ( 0058ba381 )
Paloalto: generic.ml
BitDefender: Gen:Variant.Cerbu.125312
Avast: Win32:MalwareX-gen [Trj]
Ad-Aware: Gen:Variant.Cerbu.125312
McAfee-GW-Edition: GenericRXRC-HL!D192429498D5
Emsisoft: Gen:Variant.Cerbu.125312 (B)
GData: Gen:Variant.Cerbu.125312
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Cerbu.D1E980
Cynet: Malicious (score: 100)
McAfee: GenericRXRC-HL!D192429498D5
MAX: malware (ai score=86)
Malwarebytes: MachineLearning/Anomalous.94%
TrendMicro-HouseCall: TROJ_GEN.R002H09L921
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:MalwareX-gen [Trj]

How to remove Cerbu.125312 (B)?

Cerbu.125312 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
