Cerbu.199167 malicious file

Cerbu.199167 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Cerbu.199167 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Cerbu.199167?


File Info:

name: BF80F34542340CB6DB36.mlw
path: /opt/CAPEv2/storage/binaries/d39795f87569506da3454178189a7fd27d1a78e3adcbc4d0a069c5cf03cf0f75
crc32: E9A42EFE
md5: bf80f34542340cb6db3638af54020efa
sha1: 417aa69550ba18a5ba494a827dbd543715109d0e
sha256: d39795f87569506da3454178189a7fd27d1a78e3adcbc4d0a069c5cf03cf0f75
sha512: fffe8d18d26251a853639648e2437fa482d20e51878066020f774bc47855296424813beff0a409de248ed9d697493221b278b014b36ff178263cb036816f6415
ssdeep: 98304:OivqBe5dy2qOnMOHxjNORR/aiNYbPjts8OVMeXbqW5dimpky:7MeTRqox8HqhOVMe+W3n9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T127260241F198FCC4C84B10F7AD79EA58641FFB9C4679892A3967B60A58F36433827D0E
sha3_384: 9188d4390b01d09c9f38e4471f9128882895420e740fd55fba7de7aca984c4c0f29ac7a0b4fc8fcf9efeff9dc8225ace
ep_bytes: 558bec83c4d453565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup: http://www.innosetup.com
CompanyName:
FileDescription: PCI Settings driver Setup
FileVersion:
InternalName:
OriginalFilename:
ProductName:
ProductVersion:
Translation: 0x0409 0x04e4

Cerbu.199167 also known as:

Bkav: W32.Common.91B0329F
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Cerbu.199167
FireEye: Gen:Variant.Cerbu.199167
CAT-QuickHeal: Trojan.Cerbu
Skyhigh: BehavesLike.Win32.Genericuh.rc
McAfee: Artemis!BF80F3454234
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Trojan.Win32.Agent.V3du
VirIT: Trojan.Win32.Genus.UWP
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Cerbu.199167
Avast: Win32:Malware-gen
Emsisoft: Gen:Variant.Cerbu.199167 (B)
VIPRE: Gen:Variant.Cerbu.199167
Ikarus: Gen.Munp
GData: Gen:Variant.Cerbu.199167
Google: Detected
Arcabit: Trojan.Cerbu.D309FF
Varist: W32/Agent.ZLVE-4261
AhnLab-V3: Malware/Win.Malware-gen.R631058
ALYac: Gen:Variant.Cerbu.199167
MAX: malware (ai score=87)
Cylance: unsafe
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002H0CAS24
MaxSecure: Trojan.Malware.223006262.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Cerbu.199167?

Cerbu.199167 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.