SymbOS/Comwar.v10.VAR!worm

Alias/esWorm.SymbOS.Comwar.b, SymbOS/Commwarrior.i!exe, Symb/Comwar-A, SymbOS.Worm.CommWar.B, SymbOS/CommWarrior.F, SymbOS/ComWar.A.worm, SymbOS/CommWarrior.A, SYMBOS/Comwar.B, Symbian.Commwar, SymbOS/Comwar.1.0.A.VAR!worm, SymbOS/Comwar.B!worm
Release DateMay 18, 2006
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 12.196
Description

Visible Symptoms

  • An infected phone may experience rapid battery power loss due to the constant efforts by the virus to infect other phones via a Bluetooth seek-and-connect outreach

  • Creation of files in the relative system path on an infected phone, such as the following:

    \system\data\IloveLeslie\LeslieLoves.exe
    \system\data\IloveLeslie\RecQWRD.mdl

Detailed Analysis

  • This detection is for samples that are very similar to SymbOS/Comwar.v10!worm. These are usually binary edited samples of the original worm.

  • The message and dropped files of these samples vary.

  • Some observed filenames of dropped files are the following:

    • \system\data\IloveLeslie\LeslieLoves.exe
    • \system\data\IloveLeslie\RecQWRD.mdl

Description Last Updated Date: Mar 11, 2008
Reference: ID - 431505