SymbOS/Comwar.v10.VAR!worm - Released May 18, 2006 - Last Updated Mar 11, 2008
|
Alias/esWorm.SymbOS.Comwar.b, SymbOS/Commwarrior.i!exe, Symb/Comwar-A, SymbOS.Worm.CommWar.B, SymbOS/CommWarrior.F, SymbOS/ComWar.A.worm, SymbOS/CommWarrior.A, SYMBOS/Comwar.B, Symbian.Commwar, SymbOS/Comwar.1.0.A.VAR!worm, SymbOS/Comwar.B!worm |
Detection Availability
|
Visible Symptoms
- An infected phone may experience rapid battery power
loss due to the constant efforts by the virus to infect
other phones via a Bluetooth seek-and-connect outreach
- Creation of files in the relative system path
on an infected phone, such as the following:
\system\data\IloveLeslie\LeslieLoves.exe
\system\data\IloveLeslie\RecQWRD.mdl
|
Detailed Analysis
- This detection is for samples that are very similar to SymbOS/Comwar.v10!worm. These are usually binary edited samples of the original worm.
- The message and dropped files of these samples vary.
- Some observed filenames of dropped files are the following:
- \system\data\IloveLeslie\LeslieLoves.exe
- \system\data\IloveLeslie\RecQWRD.mdl
|
Recommended Action
- Scan the infected device and delete all modules related to this worm.
|