SymbOS/Fontal.A!tr

Alias/esTrojan.SymbOS.Fontal.d, Troj/Doomboot-J, SymbOS/Fontal.D
Release DateOct 12, 2006
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 12.323
Description

Visible Symptoms

.

Detailed Analysis

  • It is a Symbian virus, packed in .sis format.

  • Pretends to be a sis pack of "Speed Overclock v3.41" to cheat user to install it.

  • Displays the following message prompting the user to install:
    • 	This Installation was created with KVT Symbian Installer.
	Get it free from :
	www.kvtsoft.vze.com
	by Kheng Vantha
	---------------
	This will incrase the phones speed! 
	Please retsart after installation! 
	Regards DFT(c)
  • Installs the following corrupted Font file into infected device:
    • C:\Fonts\Yeah Im in da house!!.gdr
  • Drops the following files which are variants of worm Commwarrior:
    • C:\CommWarrior.A.sis
    • C:\Speed Overclock v3.41.sis
  • Drops the following image file:
    • C:\Your Welcome.gif
    Reference: ID - 99246