5minut1 – excellent zero day test of Cerberus

5minut1.exe – This is an excellent example of a zero day test for Cerberus. This test demonstrates that Cerberus can find new zero day threats where others could not. In this case, only 1 of 51 threat protection solutions could detect this virus, which acts somewhat like a worm. Cerberus detected 5minut1 immediately, controlled it, and then finally quarantined this bug!

5minut1.exe is a good example of Cerberus’ unique protection. Remember, when new threats are found, they may have been installed on many, many computers for a very long time. Sometimes, this type of zero day malware is not merely annoying like 5minut1 but very destructive. Sometimes, it has taken years for the active threat to be identified.

5minut1 has very interesting behavior as you will see below. This type of testing shows that Cerberus can find zero day malware long before other types of threat protection software. This is because Cerberus is signature-free.

This testing was done on April 15, 2014. This is the same day this new variant was added to the VXVault.

On April 13, 2014, VirusTotal reported that only 1 of 51 internet security programs was able to detect 5minut1. When we tested, Microsoft Security Essentials did not identify this virus. Cerberus detected this new malware immediately!


The effect of 5minut1 was to launch an unframed, full-screen Internet Explorer advertising page about every 3 minutes. These unframed, full-screen pages are annoying not only because of the advertising or objectionable material they contain; they also don’t have the customary delete and minimize buttons. With this type of virus, one never knows whether there is something more dangerous lurking while this full-screen window is dominating your screen, or something that may be triggered if you try to get rid of the window.

In this case, 5minut1 shows evidence of being self-mutating. Different variants seem to have been reported to different repositories. This complicates detecting this type of malware by traditional means. But it also highlights the importance of Cerberus, which doesn’t care if the malware mutates. Cerberus will continue to find it!

5minut1 attempted to stay below some threshold and was somewhat adaptive in an attempt to escape detection. However, Cerberus detected 5minut1 immediately. Because of the adaptive nature of 5minut1, Cerberus contained and then relaxed it 22 times before finally declaring it malicious and quarantining it. Cerberus suppressed the advertising payload every time, although 5minut1 would continue launching a blank IE window until it was finally quarantined.

All in all, we consider this a resounding test of Cerberus’ unique capability and proof that it is a valuable addition to anyone’s internet security!

