SDropper

Summary

This family of trojans drops files from the SymbOS/Skulls family. Members of the SDropper family have no additional interesting functionality apart from dropping and installing an embedded Skulls SIS file along with some additional non-malware software.

Disinfection & Removal

Please see the instructions below for F-Secure's F-Skulls tool. The tool will help in removing the Skulls files that were dropped by the member of the SDropper family.

Disinfection with two Series 60 phones

Use F-Skulls to allow for installation of F-Secure Mobile Anti-Virus

Download F-Skulls tool from ftp://ftp.f-secure.com/anti-virus/tools/f-skulls.zip or directly to a clean phone from http://www.f-secure.com/tools/f-skulls.sis

Install F-Secure Mobile Anti-Virus

• Install F-Skulls.sis onto the infected phone's memory card with a clean phone
• Put the memory card with the F-Skulls tool into the infected phone
• Start up the infected phone and the application installer should now work
• Go to the application manager and uninstall the SIS file in which you installed the malware
• Download F-Secure Mobile Anti-Virus and activate it
• Scan the phone and remove any remaining components of the malware
• Remove the F-Skulls tool with the application manager as the phone should now be clean

Description Created: Juha-Pekka Heikkila, March 24, 2006
Technical Details: Juha-Pekka Heikkila, March 24, 2006