What is “Cerbu.155323 (B)”?

Malware Removal

The Cerbu.155323 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Cerbu.155323 (B) virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Exhibits possible ransomware file modification behavior
  • Anomalous binary characteristics

How to identify Cerbu.155323 (B)?

File Info:

name: 9B90C419F1EC10922558.mlw
path: /opt/CAPEv2/storage/binaries/a005c146b928d8f09d93f1cc4b33bd117ca7e8030cb9c67a0d9f235ce66e346e
crc32: 6E79DC2B
md5: 9b90c419f1ec10922558a7fd033b20a2
sha1: 8f6be08eb07f606cfe3c534c1be20b9733b88faf
sha256: a005c146b928d8f09d93f1cc4b33bd117ca7e8030cb9c67a0d9f235ce66e346e
sha512: 8da32dd8d196b779bcafd2a9bf7fe07ab4d730489a28da75394a01d0a20495fa5f246a9d8348a48dd1d81ce70d2174b47b72861f6c9ef67a30a01ffeca0e01d0
ssdeep: 6144:hhK9q08s9oUliKD8dRcAU3qe+x9TBOvIVzUJHBTn:hiqRs9oUsKD83cqlx9TovAzuNn
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T11364AEA1B3A44CF9DD77813EC8518916D6B27C5A0BA0C61F03B836665F733A10D3DBA9
sha3_384: bad4f4249d86a39162a1a25a01be8906936e887299df565a42e27b634a2de517a8dae13a73438ba5a9a2432c830af57b
ep_bytes: e848feffffc82000004c897c24f84883
timestamp: 2020-12-09 14:10:08

Version Info:

CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 8.0.2810.9
Full Version: 1.8.0_281-b09
InternalName: javaw
LegalCopyright: Copyright © 2020
OriginalFilename: javaw.exe
ProductName: Java(TM) Platform SE 8
ProductVersion: 8.0.2810.9
Translation: 0x0000 0x04b0

Cerbu.155323 (B) also known as:

MicroWorld-eScan: Gen:Variant.Cerbu.155323
FireEye: Gen:Variant.Cerbu.155323
Cyren: W64/Ipamor.A
ESET-NOD32: Win64/Filecoder.GG
Kaspersky: VHO:Trojan-Ransom.Win32.Crypmod.gen
BitDefender: Gen:Variant.Cerbu.155323
Ad-Aware: Gen:Variant.Cerbu.155323
Emsisoft: Gen:Variant.Cerbu.155323 (B)
VIPRE: Gen:Variant.Cerbu.155323
GData: Gen:Variant.Cerbu.155323
Jiangmin: Trojan.Blocker.urx
Google: Detected
MAX: malware (ai score=87)
Arcabit: Trojan.Cerbu.D25EBB
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Ransom.R533164
Acronis: suspicious
ALYac: Gen:Variant.Cerbu.155323
Malwarebytes: Ransom.Azov
Rising: Ransom.Agent!8.6B7 (TFE:2:U9tOTBNOHOO)
Ikarus: Worm.Win32.Soulclose
Fortinet: W64/Filecoder.GG!tr

How to remove Cerbu.155323 (B)?

Cerbu.155323 (B) removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the appropriate browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.