Cerber Ransomware version 2 contains numerous internal changes as well as changes that will be apparent to the victim. The most apparent change will be that encrypted files will now have the.Cerber2 extension rather than the previously used. The wallpaper has also been changed to a new background that looks like a pixelated screen as shown below. This version removes the weakness that allowed Trend Micro’s Cerber Decryptor to possibly decrypt encrypted files. The encryption to now use the Microsoft API CryptGenRandom to generate the key.
Source: https://www.bleepingcomputer.com/news/security/cerber-ransomware-version-2-released-uses-cerber2-extension/