SymbOS/Multidr.R!tr - Released Jan 30, 2006 - Last Updated Mar 02, 2007
|
Alias/esTrojan.SymbOS.Skuller.s, SymbOS/MultiDropper.r!sis trojan, SYMBOS_SKULLS.W, SymbOS/Skulls.S |
Visible SymptomsIt disables other applications when the system is infected.
It changes some applications' icon with an image of a skull.
A message is displayed:
Install LiveUpdate Wireless?
|
|
Detailed AnalysisIt is a Symbian virus, packed in .sis format.
It drops files to disable some built-in and widely used applications.
It drops the following files which are variants of SymbOS/Cabir.A!worm:
- C:\System\Recogs\mod.mdl
- C:\System\Apps\skulls\mod.mdl
- C:\System\Apps\skulls\skulls.app
- C:\System\skullsxsecuredata\skullsxsecuredata\skullssecuritymanager\skulls.app
- C:\System\skullsxsecuredata\skullsxsecuredata\skullssecuritymanager\system\apps\skulls\mod.mdl
- C:\System\skullsxsecuredata\skullsxsecuredata\skullssecuritymanager\system\apps\skulls\skulls.app
It displays the following message:
Install LiveUpdate Wireless?
|
|
Recommended ActionDeletes all virus files using a file manager program.
Reinstalls the overwritten applications. |
