Cerber version 4.1.1!
GrujaRS Level 5 Thread author Verified Well-known Aug 7, 2016 228 Nov 1, 2016 #1 Cerber version 4.1.1! Last edited by a moderator: Nov 5, 2016 Reactions: Anker_by, tim one, frogboy and 5 others
D Dirk41 Level 17 Verified Top Poster Well-known Mar 17, 2016 797 Nov 4, 2016 #2 Probably it is not the first time , but I notice only now that UAC says that the verified publisher is MS Thank you for sharing Reactions: Logethica, frogboy and Der.Reisende
Probably it is not the first time , but I notice only now that UAC says that the verified publisher is MS Thank you for sharing
adnage19 Level 5 Verified Well-known Sep 22, 2016 211 Nov 4, 2016 #3 Dirk41 said: Probably it is not the first time , but I notice only now that UAC says that the verified publisher is MS Thank you for sharing Click to expand... UAC says that about CMD It's an original commandline app used by the ransomware. Reactions: DardiM, Der.Reisende, ZeroDay and 1 other person
Dirk41 said: Probably it is not the first time , but I notice only now that UAC says that the verified publisher is MS Thank you for sharing Click to expand... UAC says that about CMD It's an original commandline app used by the ransomware.
D Dirk41 Level 17 Verified Top Poster Well-known Mar 17, 2016 797 Nov 4, 2016 #4 Anyway it can confuse inexperienced users
adnage19 Level 5 Verified Well-known Sep 22, 2016 211 Nov 4, 2016 #5 Dirk41 said: Anyway it can confuse inexperienced users Click to expand... Well, how it should work then? It does its job. Reactions: Der.Reisende and Dirk41
Dirk41 said: Anyway it can confuse inexperienced users Click to expand... Well, how it should work then? It does its job.
D Dirk41 Level 17 Verified Top Poster Well-known Mar 17, 2016 797 Nov 4, 2016 #6 The smartscreen shows cerber.exe . Is that a name set by the reviewer or it is shipped really with its real name ? Reactions: Der.Reisende
The smartscreen shows cerber.exe . Is that a name set by the reviewer or it is shipped really with its real name ?
adnage19 Level 5 Verified Well-known Sep 22, 2016 211 Nov 4, 2016 #7 Dirk41 said: The smartscreen shows cerber.exe . Is that a name set by the reviewer or it is shipped really with its real name ? Click to expand... It's just a name of this executed file Reactions: Dirk41 and Der.Reisende
Dirk41 said: The smartscreen shows cerber.exe . Is that a name set by the reviewer or it is shipped really with its real name ? Click to expand... It's just a name of this executed file
D Dirk41 Level 17 Verified Top Poster Well-known Mar 17, 2016 797 Nov 5, 2016 #8 adnage19 said: It's just a name of this executed file Click to expand... Smartscreen would have blocked it even with another name ?
adnage19 said: It's just a name of this executed file Click to expand... Smartscreen would have blocked it even with another name ?
adnage19 Level 5 Verified Well-known Sep 22, 2016 211 Nov 5, 2016 #9 Dirk41 said: Smartscreen would have blocked it even with another name ? Click to expand... Yes, file name has nothing to do with that. This file is uknown and suspicious for the SmartScreen so it blocked that. But SmartScreen doesn't look at the name or something. Reactions: DardiM, Der.Reisende and Dirk41
Dirk41 said: Smartscreen would have blocked it even with another name ? Click to expand... Yes, file name has nothing to do with that. This file is uknown and suspicious for the SmartScreen so it blocked that. But SmartScreen doesn't look at the name or something.
DardiM Level 26 Verified Honorary Member Top Poster Malware Hunter Well-known May 14, 2016 1,597 Nov 5, 2016 #10 Thanks for the video review Antivirus scan for a31eb55003834823679085184dbdc0946ffd0037567bd2c088d16e6e95b0d913 at 2016-11-04 06:38:25 UTC - VirusTotal A remark : At UAC prompt, "yes" was clicked => to show the behavior of the sample. Last edited: Nov 5, 2016 Reactions: Logethica, Der.Reisende, Anker_by and 1 other person
Thanks for the video review Antivirus scan for a31eb55003834823679085184dbdc0946ffd0037567bd2c088d16e6e95b0d913 at 2016-11-04 06:38:25 UTC - VirusTotal A remark : At UAC prompt, "yes" was clicked => to show the behavior of the sample.
D Dirk41 Level 17 Verified Top Poster Well-known Mar 17, 2016 797 Nov 6, 2016 #11 DardiM said: Thanks for the video review Antivirus scan for a31eb55003834823679085184dbdc0946ffd0037567bd2c088d16e6e95b0d913 at 2016-11-04 06:38:25 UTC - VirusTotal A remark : At UAC prompt, "yes" was clicked => to show the behavior of the sample. Click to expand... Don't you think it would be useful to click no sometimes to see if there are UAC exploit? Reactions: Logethica and Der.Reisende
DardiM said: Thanks for the video review Antivirus scan for a31eb55003834823679085184dbdc0946ffd0037567bd2c088d16e6e95b0d913 at 2016-11-04 06:38:25 UTC - VirusTotal A remark : At UAC prompt, "yes" was clicked => to show the behavior of the sample. Click to expand... Don't you think it would be useful to click no sometimes to see if there are UAC exploit?
DardiM Level 26 Verified Honorary Member Top Poster Malware Hunter Well-known May 14, 2016 1,597 Nov 6, 2016 #12 Dirk41 said: Don't you think it would be useful to click no sometimes to see if there are UAC exploit? Click to expand... Yes, but I think the purpose of this current video is only to show us the malware in action Reactions: Logethica, Der.Reisende and Dirk41
Dirk41 said: Don't you think it would be useful to click no sometimes to see if there are UAC exploit? Click to expand... Yes, but I think the purpose of this current video is only to show us the malware in action
F ForgottenSeer 55474 Nov 6, 2016 #13 Thanks for the video.it was very informative Reactions: Logethica, Der.Reisende and DardiM
D Dirk41 Level 17 Verified Top Poster Well-known Mar 17, 2016 797 Nov 6, 2016 #14 DardiM said: Yes, but I think the purpose of this current video is only to show us the malware in action Click to expand... Ok but we can all imagine it will encrypt everything . Thank you for the videos of course I appreciate Reactions: Logethica, Der.Reisende and DardiM
DardiM said: Yes, but I think the purpose of this current video is only to show us the malware in action Click to expand... Ok but we can all imagine it will encrypt everything . Thank you for the videos of course I appreciate
DardiM Level 26 Verified Honorary Member Top Poster Malware Hunter Well-known May 14, 2016 1,597 Nov 6, 2016 #15 Dirk41 said: Ok but we can all imagine it will encrypt everything . Thank you for the videos of course I appreciate Click to expand... CyberSecurity GrujaRS likes to show us all the process, from begin, to end It shows the file encryptions, extension, ransowning part, etc Last edited: Nov 6, 2016 Reactions: Logethica, Der.Reisende and Dirk41
Dirk41 said: Ok but we can all imagine it will encrypt everything . Thank you for the videos of course I appreciate Click to expand... CyberSecurity GrujaRS likes to show us all the process, from begin, to end It shows the file encryptions, extension, ransowning part, etc