Cerbu.64694 removal

Cerbu.64694 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Cerbu.64694 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Touches a file containing cookies, possibly for information gathering

How to identify Cerbu.64694?

File Info:

name: 1C321F8EEA77F1880EDB.mlw
path: /opt/CAPEv2/storage/binaries/01a7dd61d9f4c8654daa51615c3ffd285821539e8e8528c667f44dc5da1d272a
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-12-05 07:37:23

Version Info:

0: [No Data]

Cerbu.64694 is also known as:

MicroWorld-eScan: Gen:Variant.Cerbu.64694
FireEye: Generic.mg.1c321f8eea77f188
Skyhigh: BehavesLike.Win32.Generic.vc
Arcabit: Trojan.Cerbu.DFCB6
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Variant.Cerbu.64694
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Evo-gen [Trj]
Emsisoft: Gen:Variant.Cerbu.64694 (B)
VIPRE: Gen:Variant.Cerbu.64694
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious SFX
MAX: malware (ai score=81)
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Cerbu.64694
Cynet: Malicious (score: 100)
VBA32: BScope.TrojanPSW.MSIL.Reline
ALYac: Gen:Variant.Cerbu.64694
Zoner: Probably Heur.ExeHeaderL
Rising: Trojan.Generic@AI.100 (RDML:Rw28v5kbhR7UHLOM00t/wg)
MaxSecure: Trojan.Malware.121218.susgen
AVG: Win32:Evo-gen [Trj]
CrowdStrike: win/grayware_confidence_60% (D)

How to remove Cerbu.64694?

Cerbu.64694 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.