Cerbu.196351 removal instruction

The Cerbu.196351 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Cerbu.196351 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Cerbu.196351?


File Info:
name: A07ED05551887136AED0.mlw
path: /opt/CAPEv2/storage/binaries/bd1417c4e00ca71b6a891fb91037b8cc18b48b90fd31b54d5943824b48332616
crc32: 99AA94AA
md5: a07ed05551887136aed0b148fbdd127e
sha1: 1bfa0666baa079b4858ef2ce27ce31d4b614adfc
sha256: bd1417c4e00ca71b6a891fb91037b8cc18b48b90fd31b54d5943824b48332616
sha512: 4b73fb6d7bfb56ba776bbb68916c1ca0520b97172f9dfb2951be8229b7fa5f75189d4e14edb00fd7eff536c322751907726c3a7b0c6315db02fc83fa60d1ea36
ssdeep: 1536:fwBroTitWO5Q7ku9Pa6TyTv4zVWx6Zb4udYGENYuIP4W2LcTV7KmJ:fwloTitPy7ku9S6TKgzVWx6ZbLfoYuT6
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T17483084C63EC4853EAFF5A7D54B411631BB2F12BA533E70C1CDC50A52B633E19A8876A
sha3_384: 7d05eeb6d68854850101817d025878ec3e75b7c3399ffa287bc53d09a947997b2a3d6b68ee5c69ac284a2eb6cc645670
ep_bytes: ff25002040000000000022005c000800
timestamp: 2023-12-21 16:42:39

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: ManualMapInjection
FileVersion: 1.0.0.0
InternalName: Injector.exe
LegalCopyright: Copyright ©  2017
LegalTrademarks: 
OriginalFilename: Injector.exe
ProductName: ManualMapInjection
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Cerbu.196351 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.AntiVM.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Cerbu.196351
FireEye	Generic.mg.a07ed05551887136
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
Skyhigh	Artemis!Trojan
McAfee	Artemis!A07ED0555188
Malwarebytes	RiskWare.Injector.MSIL
Sangfor	Suspicious.Win32.Save.a
Alibaba	TrojanDropper:MSIL/AntiVM.3f221ad6
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/AntiVM.A suspicious
Cynet	Malicious (score: 99)
BitDefender	Gen:Variant.Cerbu.196351
Avast	Win32:DropperX-gen [Drp]
Emsisoft	Gen:Variant.Cerbu.196351 (B)
F-Secure	Trojan.TR/Dropper.Gen
VIPRE	Gen:Variant.Cerbu.196351
Sophos	Mal/Generic-R
Ikarus	PUA.MSIL.Antivm
Varist	W32/MSIL_Kryptik.GSA.gen!Eldorado
Avira	TR/Dropper.Gen
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Cerbu.D2FEFF
GData	Gen:Variant.Cerbu.196351
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.C3244445
ALYac	Gen:Variant.Cerbu.196351
MAX	malware (ai score=85)
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R014H0CLL23
Rising	Trojan.Exnet!8.11EDE (CLOUD)
SentinelOne	Static AI – Malicious PE
Fortinet	Adware/AntiVM
AVG	Win32:DropperX-gen [Drp]
DeepInstinct	MALICIOUS

How to remove Cerbu.196351?

Cerbu.196351 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X