Trojan.SymbOS.Appdisabler.a

tag:Trojans

0 0

This Trojan infects mobile phones running Symbian. The Trojan substitutes non-functional files for some system applications.

The Trojan itself is an SIS installer file for Symbian 60 Series.

The file is 31210 bytes in size, and may be called freetalktime.sis.

Installation

When launching the Trojan installs 53 files to the victim handset:

\raghu.txt (275 bytes)
\Images\raghu.txt (275 bytes)
\Images\raghu crack.jpg (12554 bytes)
\system\apps\0A-RAGHU.txt (201 bytes)
\system\apps\RAGHU\raghu.app (6864 bytes)
\system\apps\RAGHUMenu\raghumenu.app (5332 bytes)
\system\apps\RAGHUMenu\raghumenu.rsc (60 bytes)
\system\apps\RAGHUMenu\RAGHUMenu_caption.rsc (28 bytes)

(The contents of the directories listed below will be overwritten. If a directory does not exist, it will be created:

system\apps\AD7650
system\apps\AnswRec
system\apps\BlackList
system\apps\BlueJackX
system\apps\callcheater
system\apps\CallManager
system\apps\Camcoder
system\apps\camerafx
system\apps\ETICamcorder
system\apps\ETIMovieAlbum
system\apps\ETIPlayer
system\apps\extendedrecorder
system\apps\FaceWarp
system\apps\FExplorer
system\apps\FSCaller
system\apps\Hair
system\apps\HantroCP
system\apps\irremote
system\apps\Jelly
system\apps\KPCaMain
system\apps\Launcher
system\apps\logoMan
system\apps\MIDIED
system\apps\mmp
system\apps\Mp3Go
system\apps\Mp3Player
system\apps\photoacute
system\apps\PhotoEditor
system\apps\Photographer
system\apps\PhotoSafe
system\apps\PhotoSMS
system\apps\PVPlayer
system\apps\RallyProContest
system\apps\realplayer
system\apps\RingMaster
system\apps\SmartAnswer
system\apps\SmartMovie
system\apps\SmsMachine
system\apps\Sounder
system\apps\sSaver
system\apps\SystemExplorer
system\apps\UltraMP3
system\apps\UVSMStyle
system\apps\WILDSKIN

A file will be created in each directory. The file has the same name as the directory and an .app extension. These files are 6 bytes in size, and non-functional. As a consequence, all files which have been overwritten by the Trojan will cease to function, meaning that the infected telephone itself will no longer function correctly.

The raghu.txt file contains the following text:

----R A G H U----

VIRUS BORN IN SURAT(GUJRAT/INDIA/ASIA).

THE NAME OF THIS VIRUS IS RAGHU....
U KNOW WHY....????????

BECAUSE I LIKE VASTAV MOVIE AND SANJU BABA.

U LIKE THIS VIRUS?

SO MANY SOFTWARE CRACKS AND VIRUS AVAILABLE SOON....

RAGHU NAM HE RAGHU...

Ôàéë 0A-raghu.txt ñîäåðæèò ñëåäóþùèé òåêñò:

MY NAME IS -----R A G H U-----

FROM SURAT/GUJARAT/INDIA/ASIA/WORLD/HEVEN/

U LIKE THIS VIRUS?

HA.......HAHA............HAHAHA

WARNING-NEVER INSTALL RAGHU.SIS ITS HARMFULL FOR YOUR MOBILE

previous:Trojan.SymbOS.Fontal.h
previous:Trojan.SymbOS.Appdisabler.j

Virus Source from:

New articles

TROJ_FAKEAV.WKAThis Trojan may be downloaded from the following remote sites: http://{BLOCKED}ogle.info/tre/lena.exe/{random characters} This Trojan adds the foll...TROJ_RANSOM.QOWAThis Trojan may be unknowingly downloaded by a user while visiting malicious websites. This Trojan drops the following copies of itself into the affected sys...TapSnake.ATapSnake.A is a Trojan that affects mobile phones with an Android operating system. Once installed in the phone, it carries out the following actions: ...Trojan.Win32.FraudPack.bkheOnce launched, the program will display a message stating that the computer has been infected by malicious programs: The message is displayed even if there a...Trojan-Dropper.Win32.Agent.cxdOnce activated, the Trojan copies its body and saves it to the Windows system directory as "fvfj.sxo": %System%fvfj.sxo In order to ensure that th...

Hot Articles

Trojan.SymbOS.Appdisabler.a

Computer Virus Clounds