Cerbu.153808 removal

Cerbu.153808 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Cerbu.153808 virus do?

  • Behavioural detection: executable code extraction (unpacking)
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Cerbu.153808?

File Info:

name: D2A0B69F95068391CD06.mlw
path: /opt/CAPEv2/storage/binaries/76d74b70cacc165d5e2ad4db4d3241dd6fc7aff8f65ad773c9d8990b860abb5e
crc32: 9BB45E35
md5: d2a0b69f95068391cd062ee691e2c0ac
sha1: 524b434bc4c8159130b29c0c139bfbef9c59580c
sha256: 76d74b70cacc165d5e2ad4db4d3241dd6fc7aff8f65ad773c9d8990b860abb5e
sha512: 2c555b23108360193776e1de54490b362badca22485746ccee705ec490fab31a1faaed3dbd11b3c2a014eaa97da1b000fd037d9dcd58ef9593030babadd98d72
ssdeep: 196608:FMo3rTlZUX68ERC8uJozd4HEntM84/9LHZ2N5G:FMWG+j64t2/99Z
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T166763310F383AAFFD524B977FA8E99412E10BB27356215DFD508AF7F61892194F43222
sha3_384: 6d7eb3e7ed4091c58fe544f3548ab76f0ce74c29727e16679638b9f1be9a8a7e1ae413a5e5e29c2258a0cc6e4aa72186
ep_bytes: 558bec83c4d453565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup: http://www.innosetup.com
CompanyName: Areh Relanh
FileDescription: Universal Extractor Setup
FileVersion:
InternalName:
OriginalFilename:
ProductName:
ProductVersion:
Translation: 0x0409 0x04e4

Cerbu.153808 also known as:

MicroWorld-eScan: Gen:Variant.Cerbu.153808
FireEye: Gen:Variant.Cerbu.153808
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
ClamAV: Win.Malware.Ekstak-9968247-0
Kaspersky: Trojan.Win32.Ekstak.amvrr
BitDefender: Gen:Variant.Cerbu.153808
Avast: Win32:Adware-gen [Adw]
Ad-Aware: Gen:Variant.Cerbu.153808
Emsisoft: Gen:Variant.Cerbu.153808 (B)
GData: Gen:Variant.Cerbu.153808
Jiangmin: Trojan.Ekstak.cbqn
MAX: malware (ai score=81)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Malwarebytes: Malware.AI.1889248393
Fortinet: W32/Agent.SLC!tr
AVG: Win32:Adware-gen [Adw]

How to remove Cerbu.153808?

Cerbu.153808 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.