SymbOS/Bootton.E!tr

Alias/esTrojan.SymbOS.Bootton.e (KAV)
Release DateMay 12, 2006
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 12.196
Description

Visible Symptoms

  • The mobile phone will reboot.

    • Detailed Analysis

  • It is a Symbian SIS archive. The following message will show on the screen during the installation:




    • Figure 1: Post-install display

  • Upon installation, it drops the following files (528 Bytes):
    • !:\System\Data\Profiles\Profile0.dat
    • !:\System\Data\Profiles\Profile1.dat
    • !:\System\Data\Profiles\Profile2.dat
    • !:\System\Data\Profiles\Profile3.dat
    • !:\System\Data\Profiles\Profile4.dat
    • !:\System\Data\Profiles\Profile5.dat
    which will overwrite the default profile settings. Then, it drops and executes the following EXE files to make the phone reboot:
    • !:\System\Data\Profiles\Profiles.exe
    • !:\System\Data\Profiles\Remove.exe

    Description Last Updated Date: May 18, 2009
    Reference: ID - 251833