Cerbu.186521 removal instruction

The Cerbu.186521 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Cerbu.186521 virus can do?

Authenticode signature is invalid
Binary file triggered YARA rule
Yara detections observed in process dumps, payloads or dropped files

How to determine Cerbu.186521?


File Info:
name: 8540714855B40993D09B.mlw
path: /opt/CAPEv2/storage/binaries/f861dafce775cbaa815e973d590c522aa3fa1c1bae842b56020ee8850ab5d5aa
crc32: 8D6CD14A
md5: 8540714855b40993d09b0f01cf4cc7be
sha1: edaddfec48c4c5573c43b9a6510525da24d9ce4e
sha256: f861dafce775cbaa815e973d590c522aa3fa1c1bae842b56020ee8850ab5d5aa
sha512: 25fd4f3a36b256949a13b09f294b3f4a3b580b6995ab6a04806e914577cc692430348344c264ac7da7b47c8ebbbb4ef6da616b0c06ea65c4063c0bbcb703d0e0
ssdeep: 48:qHupGeMcCB96DrhWHR0FiIsipZlM+u+eAPMDQHpyuLv6om+TBVL:PMXB0rw0MI/pwbdMBVL
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T18691513543C31671D188027A7EFE2EDD82289F19536244CF868A24B31D257CB7EB2E67
sha3_384: 60d3bb80cd3e6eb856455b434f4fce48f235bcb9c5b88caf8437e8026b7e709b33caa9ec8756cdfa02e9f03a3b420d09
ep_bytes: 558bec518b450c8945fc837dfc017402
timestamp: 2013-07-14 11:06:17

Version Info:
0: [No Data]

Cerbu.186521 also known as:

Bkav	W32.FamVT.DebrisA.Worm
MicroWorld-eScan	Gen:Variant.Cerbu.186521
FireEye	Generic.mg.8540714855b40993
CAT-QuickHeal	Trojan.Agent.WL
Skyhigh	Downloader-FOB!8540714855B4
ALYac	Gen:Variant.Cerbu.186521
Cylance	unsafe
Zillya	Worm.DebrisGen.Win32.1
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Worm:Win32/Debris.ea07c6f2
K7GW	Trojan ( 0045a1fd1 )
K7AntiVirus	EmailWorm ( 0040f50c1 )
BitDefenderTheta	Gen:NN.ZedlaF.36802.aq4@aizTgvp
VirIT	Trojan.Win32.Generic.BCTP
Symantec	W32.Dromedan
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Bundpil.CK
APEX	Malicious
TrendMicro-HouseCall	WORM_GAMARUE.SMF
ClamAV	Win.Worm.Gamarue-6803704-0
Kaspersky	Worm.Win32.Debris.abw
BitDefender	Gen:Variant.Cerbu.186521
NANO-Antivirus	Trojan.Win32.Andromeda.cqkyah
Avast	Win32:Sg-F [Trj]
Tencent	Worm.Win32.Debris.b
TACHYON	Worm/W32.Debris.4608.B
Emsisoft	Gen:Variant.Cerbu.186521 (B)
Baidu	Win32.Worm.Agent.q
F-Secure	Worm.WORM/Gamarue.409654
DrWeb	Trojan.Starter.3056
VIPRE	Gen:Variant.Cerbu.186521
TrendMicro	WORM_GAMARUE.SMF
Sophos	W32/Gamarue-BJ
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Cerbu.186521
Jiangmin	Trojan/Generic.aynxm
Webroot
Varist	W32/Csyr.C.gen!Eldorado
Avira	WORM/Gamarue.409654
Antiy-AVL	Worm/Win32.Debris
Kingsoft	malware.kb.a.996
Xcitium	Worm.Win32.Bundpil.BL@4zjaeb
Arcabit	Trojan.Cerbu.D2D899
ViRobot	Trojan.Win32.Agent.Gen.D
ZoneAlarm	Worm.Win32.Debris.abw
Microsoft	Worm:Win32/Gamarue.AB
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Agent.R74794
McAfee	Downloader-FOB!8540714855B4
Google	Detected
MAX	malware (ai score=83)
VBA32	Worm.Gamarue.1813
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/Injector.AV
Rising	Worm.Gamarue!1.9CC6 (CLASSIC)
Yandex	Trojan.GenAsa!h7EM2NcKRv0
Ikarus	Worm.Win32.Gamarue
MaxSecure	Worm.Debris.Gen
Fortinet	W32/Bundpil.AA!tr
AVG	Win32:Sg-F [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Worm:Win/Gamarue.16f22e53

How to remove Cerbu.186521?

Cerbu.186521 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X