検索:
ホーム   »     »   New Symbian Malware attempts to infect Windows

New Symbian Malware attempts to infect Windows

  • 投稿日:2005年9月27日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0


This new symbian malware is similar to other symbian malware in the sense that it overwrites normal files in the system in order to destroy them. However, it has a particularly interesting characteristic where it attempts to spread infection to a computer running in Windows OS. This is because this malware drops these 4 files into the E: directory (which is the memory card):


fsb.exe – BKDR_BERBEW.Q
buburuz.ICO – Icon file for the memory card
autorun.inf – file used to automatically execute fsb.exe
SYSTEM.exe – WORM_WUKILL.B


Thus, when the memory card is inserted into a Windows computer, the file autorun.inf will attempt to execute fsb.exe. Also, the file SYSTEM.exe may not have an automatic startup routine, but since it has the icon of a folder, this could be executed by an unsuspecting user who wants to open this “folder”.

Note: This malware will be detected as SYMBOS_CARDTRP.A


Dropped Files

  • E:DOCUME~1BimLOCALS~1TempMKS0CARIBE.SIS – already detected as SymbOS_CABIR.A
  • E:SYSTEM.exe – already detected as WORM_WUKILL.B
  • E:fsb.exe – already detected as BKDR_BERBEW.Q
  • E:SystemAppsWILDSKINWILDSKIN.App
  • C:SystemAppsWALLETAVMGMTWALLETAVMGMT.App
  • C:SystemAppsVoicerecorderVoicerecorder.app
  • C:SystemAppsVoiceRecVoiceRec.app
  • C:SystemAppsVMVm.app
  • C:SystemAppsVideorecorderVideoRecorder.app
  • C:SystemAppsVCommandVCommand.app
  • E:SystemAppsUVSMStyleUVSMStyle.App
  • E:SystemAppsUltraMP3UltraMP3.App
  • C:SystemAppsTodoTodo.app
  • E:SystemAppsSystemExplorerSystemExplorer.App
  • C:SystemAppssSaversSaver.App
  • C:SystemAppsSpeedDialSpeeddial.app
  • E:SystemAppsSounderSounder.App
  • C:SystemAppsSnakeExSnakeEx.app
  • E:SystemAppsSmsMachineSmsMachine.App
  • E:SystemAppsSmartMovieSmartMovie.App
  • E:SystemAppsSmartAnswerSmartAnswer.App
  • C:SystemAppsSimDirSimDir.app
  • E:SystemAppsScreenCapScreenCap.app
  • C:SystemAppsSatUiSatui.app
  • E:SystemAppsRingMasterRingMaster.App
  • C:SystemAppsRealPlayerRealPlayer.app
  • E:SystemAppsRallyProContestRallyProContest.App
  • E:SystemAppsPVPlayerPVPlayer.App
  • C:SystemAppsPslnPSLN.app
  • C:SystemAppsProfileAppProfileApp.app
  • C:SystemAppsPinboardPinboard.app
  • E:SystemAppsPhotoSMSPhotoSMS.App
  • E:SystemAppsPhotoSafePhotoSafe.App
  • E:SystemAppsPhotographerPhotographer.app
  • E:SystemAppsPhotoEditorPhotoEditor.app
  • C:SystemAppsPhotoAlbumPhotoAlbum.app
  • E:SystemAppsphotoacutephotoacute.App
  • C:SystemAppsPhoneBookPhoneBook.app
  • !:SystemAppsPhoneFREAKPHONE_CAPTION.RSC
  • !:SystemAppsPhoneFREAKPHONE.RSC
  • E:SystemAppsPhoneFREAKPHONE.APP
  • E:SystemAppsPhoneFreakPhone.aif
  • C:SystemAppsNSmlDSSyncNSmlDSSync.app
  • C:SystemAppsNotepadNotepad.app
  • C:SystemAppsMusicPlayerMusicPlayer.app
  • E:SystemAppsMp3PlayerMp3Player.App
  • E:SystemAppsMp3GoMp3Go.App
  • C:SystemAppsmmpmmp.App
  • C:SystemAppsMMCAppMMCApp.app
  • C:SystemAppsMixPixMixPix.app
  • C:SystemAppsMidpUiMidpUi.app
  • E:SystemAppsMIDIEDMIDIED.App
  • !:SystemAppsMenuFreakMenu_caption.rsc
  • !:SystemAppsMenuFREAKMENU.RSC
  • !:SystemAppsMenuFREAKMENU.APP
  • E:SystemAppsMenuFreakMenu.aif
  • C:SystemAppsMediaplayerMediaPlayer.app
  • C:SystemAppsMediaGalleryMediaGallery.app
  • C:SystemAppsMCEMCE.app
  • C:SystemAppsLogsLogs.app
  • E:SystemAppslogoManlogoMan.app
  • E:SystemAppsLauncherLauncher.app
  • E:SystemAppsKPCaMainKPCaMain.App
  • E:SystemAppsJellyJelly.App
  • E:SystemAppsirremoteirRemote.App
  • C:SystemAppsIrAppIrApp.app
  • E:SystemAppsHantroCPHantroCP.App
  • E:SystemAppsHairHair.App
  • C:SystemAppsGSGS.app
  • E:SystemAppsFSCallerFSCaller.App
  • C:SystemAppsFMRadioFMRadio.app
  • C:SystemAppsFileManagerFileManager.app
  • E:SystemAppsFExplorerFExplorer.App
  • C:SystemAppsFdnFDN.app
  • C:SystemAppsFaxModemUiFaxModemUi.app
  • E:SystemAppsFaceWarpFaceWarp.App
  • E:SystemAppsextendedrecorderextendedrecorder.App
  • E:SystemAppsETIPlayerETIPlayer.App
  • E:SystemAppsETIMovieAlbumETIMovieAlbum.App
  • E:SystemAppsETICamcorderETICamcorder.App
  • C:SystemAppsCSHelpCSHelp.app
  • C:SystemAppsConverterConverter.app
  • C:SystemAppsConnectionMonitorUiConnectionMonitorUi.app
  • C:SystemAppsComposerComposer.app
  • C:SystemAppsClockAppClockApp.app
  • E:SystemAppsCFCF.app
  • E:SystemAppscamerafxCameraFX.App
  • C:SystemAppsCameraCamera.app
  • C:SystemAppsCamcorderCamcorder.app
  • E:SystemAppsCamcoderCamcoder.App
  • E:SystemAppsCallManagerCallManager.App
  • E:SystemAppscallcheatercallcheater.app
  • C:SystemAppsCalendarCalendar.app
  • C:SystemAppsCalcSoftCalcSoft.app
  • C:SystemAppsBrowserBrowser.app
  • E:SystemAppsBlueJackXBlueJackX.App
  • E:SystemAppsBlackListBlackList.App
  • C:SystemAppsAppMngrAppMngr.app
  • C:SystemAppsAppCtrlAppCtrl.app
  • E:SystemAppsAnswRecAnswRec.App
  • E:SystemAppsAD7650AD7650.App
  • C:SystemAppsAboutAbout.app
  • E:buburuz.ICO
  • E:autorun.inf
  • PopUp0.txt



Update
Previously, we have come to define an example of a “blended threat” as a Windows worm that either spreads via multiple propagation vectors such as email, IM, network shares and application vulnerabilities and/or a worm that has capabilities of other malwares such as file-infectors, backdoor trojans or even spywares.

Now, we may see a slightly new encounter of another implementation of what a “blended threat” is or could be in the near future – a mobile malware that has the capability to affect the Windows platform!… Ergo, let the battlecry linger on – Let’s continue to be vigilant!

As Raimund Genes, Trend Micro Chief Technologist Anti-Malware has said. “As mobile threats continue to evolve, it’s likely that we will see further attacks similar to this, but utilizing more robust propagation techniques and therefore carrying a higher potential for infection.”

Related posts:

  1. ニセのセキュリティソフトによる詐欺被害+α
  2. 「愉快犯」系もまだまだ健在! 最近の愉快犯あれこれ
  3. Bagle Author Hacks Russian Website
  4. モバイル利用者を狙うフィッシング詐欺事例:SMSでの誘導を確認
Tags: スミッシング


  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.