Cerbu.188895 (file analysis)

The Cerbu.188895 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Cerbu.188895 virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Cerbu.188895?


File Info:
name: 7F4D9E06A89D219DDF91.mlw
path: /opt/CAPEv2/storage/binaries/69de0f210572537424b5267fac916d8ae612fa8dd3f4d2336d35349b51a35f63
crc32: 5DD6B604
md5: 7f4d9e06a89d219ddf910c4ae8e6c085
sha1: 21e942db8779c8cf5c47244395d5c3e042438d55
sha256: 69de0f210572537424b5267fac916d8ae612fa8dd3f4d2336d35349b51a35f63
sha512: fc6529ce0559d4ea18b1684e2b144a3ea9403a858f0af0f4431e1e1b1a3e17806d85c6444d7f4a5578cd01b3d6a05618a068854c8b51940b171c5d8cd96ff06c
ssdeep: 3072:R14BCrOOYu/UgqGZiDil44sc6bSFDcX/0fVOdEtpA2sNWpzgEo:3LjMgTirNuYvxczg
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T18144BF0E33B97F23C45417BC7506587EBFA98D1A135DA6E28126887B218AED70F363D4
sha3_384: 765bd4ae4f86013cea02de1b79d3cf002755c7007a87109046e29c4dc204b177e0f5afd8c11fd8bc5abb222a354068cc
ep_bytes: ee50b7ea8beb88fde850b78f26f99f2f
timestamp: 1975-06-24 00:00:00

Version Info:
0: [No Data]

Cerbu.188895 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Cerbu.188895
FireEye	Generic.mg.7f4d9e06a89d219d
Skyhigh	BehavesLike.Win32.Generic.dh
ALYac	Gen:Variant.Cerbu.188895
Malwarebytes	Generic.Malware.AI.DDS
VIPRE	Gen:Variant.Cerbu.188895
Sangfor	Trojan.Win32.Save.a
BitDefender	Gen:Variant.Cerbu.188895
Cybereason	malicious.b8779c
Arcabit	Trojan.Cerbu.D2E1DF
BitDefenderTheta	Gen:NN.ZexaF.36792.q8Z@aynrA6o
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
ClamAV	Win.Packed.Lazy-10001745-0
Rising	Trojan.Generic@AI.100 (RDML:ySj8iEPfywKBOA5hzrOF2g)
Emsisoft	Gen:Variant.Cerbu.188895 (B)
Trapmine	suspicious.low.ml.score
Sophos	Generic ML PUA (PUA)
Google	Detected
Varist	W32/Kryptik.JDZ.gen!Eldorado
Antiy-AVL	GrayWare/Win32.Wacapew
Kingsoft	malware.kb.a.998
Microsoft	Program:Win32/Wacapew.C!ml
GData	Gen:Variant.Cerbu.188895
Cynet	Malicious (score: 100)
McAfee	Artemis!7F4D9E06A89D
MAX	malware (ai score=86)
DeepInstinct	MALICIOUS
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R03BH09JV23
Tencent	Trojan.Win32.Copak.kd
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.218604723.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:Evo-gen [Trj]
Avast	Win32:Evo-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Cerbu.188895?

Cerbu.188895 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X