Cerbu.153499 removal instructions

Cerbu.153499 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Cerbu.153499 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Cerbu.153499?

File Info:

name: 28B51EBFCD8C10FF73C7.mlw
path: /opt/CAPEv2/storage/binaries/62756336c495daf424ae48b7585c0b8cf704fd15b9a7c423408b5eb5ac0b022b
crc32: E7462727
md5: 28b51ebfcd8c10ff73c7621e9b6753d8
sha1: 689a0c950ae934a94941438d12e4f813723ec30d
sha256: 62756336c495daf424ae48b7585c0b8cf704fd15b9a7c423408b5eb5ac0b022b
sha512: 6a2022c9955b88df6237831a315b9bb34e740c7c0247a99d3c3322adbf09e8ad78458b580a18b62309129de2222996554f66c108b499e20713c0160adb7f7097
ssdeep: 196608:JuJQI7ibZBZUSadJwbg25nXRqYuOASjN5e:JuKI7M3UHW5nXRb+H
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DA7633163886040DCCE61C75DE97EECCC8DBF883A0FA9E963D17411249A21FA6DF1769
sha3_384: d30dbc569c0d0c178ae373346f541a7c752f26490fbc4ba95c7db8041a49184ac44905c1955af2a5ae25a9fc0fe9a37f
ep_bytes: 60be00f040008dbe0020ffff5783cdff
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup: http://www.innosetup.com
CompanyName: Jared Breland
FileDescription: Universal Extractor Setup
FileVersion:
InternalName:
OriginalFilename:
ProductName:
ProductVersion:
Translation: 0x0409 0x04e4

Cerbu.153499 also known as:

Lionic: Adware.Win32.ScreenSaver.lyVv
FireEye: Gen:Variant.Zusy.438735
Skyhigh: BehavesLike.Win32.AdwareHotBar.wc
McAfee: Artemis!28B51EBFCD8C
Malwarebytes: Agent.Trojan.Dropper.DDS
Sangfor: Trojan.Win32.Zusy.V1kq
ClamAV: Win.Packed.Munp-10026959-0
BitDefender: Gen:Variant.Zusy.438735
Avast: Win32:Malware-gen
Emsisoft: Application.InstallAd (A)
VIPRE: Gen:Variant.Zusy.438735
Trapmine: suspicious.low.ml.score
MAX: malware (ai score=89)
Jiangmin: Trojan.Ekstak.cbqn
Google: Detected
Varist: W32/Trojan.IWO.gen!Eldorado
Antiy-AVL: GrayWare/Win32.Wacapew
Microsoft: Program:Win32/Wacapew.C!ml
Arcabit: Trojan.Zusy.D6B1CF [many]
GData: Gen:Variant.Zusy.438735
ALYac: Gen:Variant.Cerbu.153499
Cylance: unsafe
Ikarus: Gen.Munp
Fortinet: W32/Agent.SLC!tr
AVG: Win32:Malware-gen
alibabacloud: Trojan:Win/Cerbu

How to remove Cerbu.153499?

Cerbu.153499 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
