Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Cardtrap.AK


Discovered:

2006-08-27 13:45:18.0

Trojan
Trojan
SymbOS

Summary

Cardtrap.AK is a Symbian SIS file trojan that tries to damage some 3rd party applications and installs Windows malware to the memory card.



Disinfection & Removal


Disinfecting using F-Secure Mobile Anti-Virus

  • Download F-Secure Mobile Anti-Virus from http://f-secure.mobiand activate the Anti-Virus
  • Scan the phone and remove any components of the malware
  • Reboot the phone to remove memory resident components


Technical Details


Installation to the Phone

Cardtrap.AK tries to disable following 3rd party applications by installing several damaged files to the phone memory:

  • C:\system\apps\Antivirus\Antivirus.app
  • C:\system\apps\Antivirus\AVserver.exe
  • C:\system\apps\Disinfect\Disinfect.app
  • C:\system\apps\Disinfector\Disinfector.app
  • C:\system\apps\FCommwarrior\FCommwarrior.app
  • C:\system\apps\KLAntivirus\KLAntivirus.app
  • C:\system\apps\MAV\MAV.app
  • C:\system\apps\Mobilesecurity\Mobilesecurity.app
  • C:\system\apps\MobilesecurityAu\MobilesecurityAu.app
  • E:\system\apps\ADOBEREADER\ADOBEREADER.app
  • E:\system\apps\BLACKLIST\BLACKLIST.app
  • E:\system\apps\cabirfix\cabirfix.app
  • E:\system\apps\ETICamcorder\ETICamcorder.app
  • E:\system\apps\FExplorer\FExplorer.app
  • E:\system\apps\file\file.app
  • E:\system\apps\FSCaller\FSCaller.app
  • E:\system\apps\Logoman\Logoman.app
  • E:\system\apps\Photoalbum\Photoalbum.app
  • E:\system\apps\PhotoEditor\PhotoEditor.app
  • E:\system\apps\Quicksheet\Quicksheet.app
  • E:\system\apps\SettingsWizard\SettingsWizard.app
  • E:\system\apps\Smartmovie\Smartmovie.app
  • E:\system\apps\systemexplorer\systemexplorer.app
  • E:\system\apps\ultramp3\ultramp3.app
  • E:\system\recogs\flocknut.mdl
  • E:\system\recogs\fSkulls.mdl

Cardtrap.AK drops following Win32 malware to device memory card:

  • Worm.Win32.Mobler.b


Detection

F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the update build number 106.

Detection Type: Symbian
Database: 106



Description Created: 2006-08-28 13:43:33.0
Technical Details: Mika Tolvanen, August 28, 2006



Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.

Keep your mobile device protected




F-Secure Mobile Security will keep your mobile device protected on the go and enable you to find it in case you lose it