Sophos

Symb/Cabir-B

Summary

 
Protection available since 30 November 2004 14:31:33 (GMT)
Detected by All Sophos products

More Information

Symb/Cabir-B is a worm written specifically for Nokia Series 60 mobile phones running the Symbian operating system.

Once running, Symb/Cabir-B attempts to send itself to Bluetooth-enabled devices in the proximity of the infected mobile phone.

The Symb/Cabir-B file camtimer.sis may be installed by Troj/Skulls-B.

Symb/Cabir-B installs two files (camtimer.rsc and camtimer.app) which are parts of a non-malicious camera timer application. Symb/Cabir-B spreads as a Symbian SIS package named camtimer.sis. The package contains the following components extracted to ./System/Apps, ./System/CARIBESECURITYMANAGER and ./System/Recogs:

./system/apps/CamTimer/camtimer.rsc
./system/apps/CamTimer/camtimer.app
./system/apps/caribe/flo.mdl
./system/apps/caribe/caribe.rsc
./system/apps/caribe/caribe.app
./system/CARIBESECURITYMANAGER/caribe.rsc
./system/CARIBESECURITYMANAGER/caribe.app
./system/CARIBESECURITYMANAGER/CAMTIMER.sis
./system/RECOGS/flo.mdl

Flo.mdl is a DLL that uses the EZBoot mechanism to attempt to launch the Symb/Cabir-B application file caribe.app when the device is powered on.
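The component list above can be turned into a check over a file listing exported from a handset. The following is an added example, not Sophos code: it assumes paths compare case-insensitively (the page itself mixes ./System/Apps and ./system/apps), the role labels are the example's own, and the sample listings are constructed. Because camtimer.rsc and camtimer.app belong to a non-malicious application, they are reported but do not raise a detection by themselves.

```python
import re

# Package components as listed on the page, lowercased. The role labels
# are this example's own, not Sophos terminology.
COMPONENTS = {
    "system/apps/camtimer/camtimer.rsc": "benign",
    "system/apps/camtimer/camtimer.app": "benign",
    "system/apps/caribe/flo.mdl": "autostart",
    "system/apps/caribe/caribe.rsc": "worm",
    "system/apps/caribe/caribe.app": "worm",
    "system/caribesecuritymanager/caribe.rsc": "worm",
    "system/caribesecuritymanager/caribe.app": "worm",
    "system/caribesecuritymanager/camtimer.sis": "package",
    "system/recogs/flo.mdl": "autostart",
}

def normalise(path):
    """Reduce a device path to the lowercase, slash-separated form used above."""
    p = path.strip().replace("\\", "/")
    p = re.sub(r"^[A-Za-z]:", "", p)  # drop a drive letter such as C:
    p = re.sub(r"^\.?/+", "", p)      # drop a leading "./" or "/"
    return p.lower()

def scan(listing):
    """Return (suspicious, hits): hits maps each role to the matching paths."""
    hits = {}
    for raw in listing:
        role = COMPONENTS.get(normalise(raw))
        if role:
            hits.setdefault(role, []).append(raw)
    # The camera timer files are non-malicious, so they do not count alone.
    suspicious = any(role != "benign" for role in hits)
    return suspicious, hits

# Constructed sample listings (not taken from a real device).
SAMPLE_INFECTED = [
    "C:\\System\\Apps\\CamTimer\\CamTimer.app",
    "C:\\System\\Apps\\Caribe\\Caribe.app",
    "C:\\System\\Recogs\\FLO.MDL",
    "C:\\System\\Apps\\Camera\\Camera.app",
]
SAMPLE_TIMER_ONLY = ["./system/apps/CamTimer/camtimer.rsc",
                     "./system/apps/CamTimer/camtimer.app"]

if __name__ == "__main__":
    for name, listing in (("infected", SAMPLE_INFECTED),
                          ("timer only", SAMPLE_TIMER_ONLY)):
        print(name, scan(listing))
```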
