What is “Trojan:Win32/Cerber!pz”?

The Trojan:Win32/Cerber!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Cerber!pz virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan:Win32/Cerber!pz?


File Info:
name: B125C60DD8F118A3A49C.mlw
path: /opt/CAPEv2/storage/binaries/1829f316f7af8f243b71fdecb7f650e194752567f28cffd8ff36362b644e0f24
crc32: 903E011F
md5: b125c60dd8f118a3a49c766c30f90cc2
sha1: 270817bac69c77c74e86b7d931df9e3eb2d59f4a
sha256: 1829f316f7af8f243b71fdecb7f650e194752567f28cffd8ff36362b644e0f24
sha512: 558ed77371759afb2d3d1f13c082dfbb94ffe7ba68a0b2182d63a0b56a47f5ed5b3c5348858764d24669f31e4470cc6f158f1fcc0bd1f285c72afd8fa5b9ea5f
ssdeep: 3072:bf6dEGX7Abaie3ejQLx31hVXC+BPnYA5LY6RUflXbbNk:bf6dEGL2BgPYAJY6RUdXHa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T198446C9B35399FD2DE0103782167C6B3F3199A3FC3BAF79A0474B998122761C58B9784
sha3_384: 488caeff3f974d32f848a3f73e4e2391a7132834e600351dbbf602776db6c583f5432bfdb94129948a81721ffc42f337
ep_bytes: 00000000000000000000000000000000
timestamp: 2011-09-04 22:06:51

Version Info:
0: [No Data]

Trojan:Win32/Cerber!pz also known as:

Bkav	W32.AIDetectMalware
Skyhigh	BehavesLike.Win32.Generic.dz
McAfee	GenericRXVP-XD!B125C60DD8F1
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.ac69c7
Baidu	Win32.Trojan-Spy.Quart.a
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Padodor-10012877-0
Kaspersky	HEUR:Backdoor.Win32.Convagent.gen
Avast	Win32:Evo-gen [Trj]
Sophos	ML/PE-A
F-Secure	Trojan.TR/Crypt.ZPACK.Gen2
DrWeb	BackDoor.IRC.Tdongs
TrendMicro	TROJ_GEN.R03BC0DKL23
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.b125c60dd8f118a3
Ikarus	Trojan.Win32.Cerber
Varist	W32/Padodor.F.gen!Eldorado
Avira	TR/Crypt.ZPACK.Gen2
Microsoft	Trojan:Win32/Cerber!pz
ZoneAlarm	HEUR:Backdoor.Win32.Convagent.gen
GData	Win32.Trojan.Agent.XLW7LS
Google	Detected
Acronis	suspicious
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R03BC0DKL23
Rising	Backdoor.Berbew!1.AE0A (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Banker.Win64.Emotet.sb
Fortinet	W32/Qukart.HTI!tr
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Trojan:Win32/Cerber!pz?

Trojan:Win32/Cerber!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X