VirusSymbOS/Appdisabler.C!tr
Analysis
SymbOS/Appdisabler.C!tr - 06-08-02
General Info:
This threat has a file size: 79221
Installation to System:
- Drops the following files:
C:\system\apps\RINUMenu\RINUMenu.APP !:\system\apps\RAGHUMenu\RAGHUMENU.APP !:\system\apps\RAGHU\RAGHU.app C:\Images\RAGHU.txt C:\Images\raghu crack.jpg C:\Images\image(03).jpg
More Info:
1. It is a Symbian virus, packed in .sis format.
2. The following message will show on the screen during the installation:
VIRUS BORN IN SURAT(GUJRAT/INDIA/ASIA).
THE NAME OF THIS VIRUS IS RAGHU....
U KNOW WHY....????????
BECAUSE I LIKE VASTAV MOVIE AND SANJU BABA.
U LIKE THIS VIRUS?
SO MANY SOFTWARE CRACKS AND VIRUS AVAILABLE SOON....
RAGHU NAM HE RAGHU...
3. Drops the following files to disable the relevant applications in the phone:
!:\system\apps\answrec\answrec.app
!:\system\apps\blacklist\blacklist.app
!:\system\apps\bluejackx\bluejackx.app
!:\system\apps\callcheater\callcheater.app
!:\system\apps\callmanager\callmanager.app
!:\system\apps\camcoder\camcoder.app
!:\system\apps\camerafx\camerafx.app
!:\system\apps\eticamcorder\eticamcorder.app
!:\system\apps\etimoviealbum\etimoviealbum.app
!:\system\apps\etiplayer\etiplayer.app
!:\system\apps\extendedrecorder\extendedrecorder.app
...
These files are 6 bytes in size.
Telemetry
Detection Availability
| FortiClient | |
|---|---|
| Extreme | |
| FortiMail | |
| Extreme | |
| FortiSandbox | |
| Extreme | |
| FortiWeb | |
| Extreme | |
| Web Application Firewall | |
| Extreme | |
| FortiIsolator | |
| Extreme | |
| FortiDeceptor | |
| Extreme | |
| FortiEDR |