25.06.2007, 23:15
Hangman
Administrator
[SymbianOS] SymbOS.Appdisabler.J

Risk: very low
Type: Trojan
Discovered: October 26, 2006
Also known as: AppDisabler.J [F-Secure]

Information:

SymbOS.Appdisabler.J is a Trojan horse that runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. It attempts to disable a number of Symbian applications by overwriting their main executable files.

When a user opens the Trojan's .sis file, the phone installer will display a dialog to warn users that the application may be coming from an untrusted source and may cause potential problems.

Technical details:

When SymbOS.Appdisabler.J is executed, it performs the following actions:

If the user clicks yes, the device displays the following message prompting the user to install the threat:

Install
MyDoom

Drops the following files:

C:\System\Apps\About\About.app
C:\System\Apps\AppInst\Appinst.app
C:\System\Apps\AppMngr\Appmngr.app
C:\System\Apps\Browser\Browser.app
C:\System\Apps\BtUi\BtUi.app
C:\System\Apps\DdViewer\DdViewer.app
C:\System\Apps\FileManager\FileManager.app
C:\System\Apps\IrApp\IrApp.app
C:\System\Apps\mce\mce.app
C:\System\Apps\MediaGallery\MediaGallery.app
C:\System\Apps\MediaPlayer\MediaPlayer.app
C:\System\Apps\mmcapp\mmcapp.app
C:\System\Apps\NSmlDSSync\NSmlDSSync.app
C:\System\Apps\SchemeApp\SchemeApp.app
C:\System\Apps\symcs\symcs.app
C:\System\Apps\symlu\symlu.app
C:\System\Apps\SysAp\SysAp.app

Drops the following files to the compromised device's memory card:

E:\System\Apps\SystemExplorer\SystemExplorer.app, which is a text file and 29 bytes in length.

Creates the following file:

\system\install\

Note: This file is actually created by the Installer, not the threat.

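A triage check for the file list above, given as an added example that is not part of the original post or of any vendor tool: it takes the contents of files copied from a phone or memory-card image and reports which of the listed paths no longer start with an application header. The two UID constants are an assumption about the pre-9.x Symbian .app format, and the sample contents are constructed.

```python
import struct

# App names from the file list in the post. Symbian's file system is
# case-insensitive, so paths are compared in lower case.
APP_NAMES = ["About", "AppInst", "AppMngr", "Browser", "BtUi", "DdViewer",
             "FileManager", "IrApp", "mce", "MediaGallery", "MediaPlayer",
             "mmcapp", "NSmlDSSync", "SchemeApp", "symcs", "symlu", "SysAp"]
WATCHED = {"\\".join(["c:", "system", "apps", n, n + ".app"]).lower()
           for n in APP_NAMES}
WATCHED.add(r"e:\system\apps\systemexplorer\systemexplorer.app")

# Assumption (not stated in the post): a pre-9.x Symbian .app is a polymorphic
# DLL whose first two little-endian 32-bit words are these UIDs.
UID1_DLL = 0x10000079
UID2_APP = 0x100039CE


def classify(data):
    """Describe what a file's content looks like."""
    if len(data) >= 8 and struct.unpack_from("<II", data) == (UID1_DLL, UID2_APP):
        return "app-header"
    if data and all(32 <= b < 127 or b in (9, 10, 13) for b in data):
        return "plain-text (%d bytes)" % len(data)
    return "no-app-header (%d bytes)" % len(data)


def triage(files):
    """files maps path -> bytes; returns watched paths lacking an app header."""
    findings = {}
    for path, data in files.items():
        key = path.lower()
        if key in WATCHED and classify(data) != "app-header":
            findings[key] = classify(data)
    return findings


# Constructed sample contents, standing in for files copied from an image.
SAMPLE = {
    r"C:\System\Apps\Browser\Browser.app":
        struct.pack("<II", UID1_DLL, UID2_APP) + bytes(64),
    r"C:\System\Apps\mce\mce.app": b"\x00" * 12,
    r"E:\System\Apps\SystemExplorer\SystemExplorer.app": b"A" * 29,
    r"C:\System\Apps\Other\Other.app": b"A" * 29,  # not on the list, ignored
}

if __name__ == "__main__":
    for path, verdict in sorted(triage(SAMPLE).items()):
        print(path, "->", verdict)
```

A file that passes this check has only kept its header; the check does not show that the rest of the executable is intact.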