Troj/Skulls-F

Category: Viruses and Spyware
Protection available since: 29 Aug 2006 00:00:00 (GMT)
Type: Trojan
Last updated: 29 Aug 2006 00:00:00 (GMT)
Prevalence:


Troj/Skulls-F is a Trojan for mobile devices compatible with Nokia Series 60 running the Symbian operating system.

The Trojan writer may have planted the Trojan, packaged as the Symbian SIS installation file simworks.sis, on a website containing free and illegal copies of applications for Symbian.

The Trojan drops a variant of the Cabir worm detected by Sophos as Symb/Cabir-C. Troj/Skulls-F also installs the Troj/Mosqit-A Symbian Trojan.

Troj/Skulls-F installs an animated GIF of a skull that is displayed once the device is rebooted. The image flashes and contains the text "WARNING!!! Device Have Been Attact By Virus A,Tee ,yuan ,Blue".

When the file is installed on the device, the operating system first displays several security warnings. The installation file is crafted so that the following box is displayed during the installation:

Caption: "Simworks"
Text: "New Antivirus it will destroy all viruses that was created."

Troj/Skulls-F drops corrupt files in the locations used by the boot-time programs of known anti-virus products and by file managers, in order to disable security and file management tools. This makes removal of the Trojan difficult. The files installed with the Trojan are:

