Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Skulls.Q


Aliases:


Skulls.Q
SymbOS/Skulls.Q

Malware

W32

Summary

Skulls.Q is a combination of several previous Skulls variants. Skulls.Q contains component files from Skulls.D and Skulls.N among other variants. Skulls.Q also drops SymbOS/Commwarrior.B and several Cabir variants on the phone and component files from SymbOS/Doomboot.A trojan. The Doomboot files are dropped into folder where they cannot affect the system, so even as the phone is infected with Skulls.Q it can still boot normally. Skulls.Q also contains bluetooth distribution component from SymbOS/Onehop.A, but the component is installed so that it does not start automatically and user cannot execute it.



Disinfection & Removal


Disinfection with two Series 60 phones

Download F-Skulls tool from our FTP server to your computer or to a clean phone, then:

  • 1. Install F-Skulls.sis into infected phones memory card with a clean phone
  • 2. Put the memory card with F-Skulls into infected phone
  • 3. The F-Skulls starts automatically upon insertion and frees menu and application manager
  • 4. Go to application manager and uninstall the SIS file in which you installed the Skulls.Q
  • 5. Download and install F-Secure Mobile Anti-Virus on your computer to remove other malware dropped by the Skulls.Q, or download directly onto the mobile phone itself
  • 6. Remove the F-Skulls with application manager as the phone is now cleaned


Technical Details

Spreading in: FireStorm_English_PATCH_by_SMPDA.sis



Detection

Generic detection that detects Skulls.Q was published for F-Secure Mobile Anti-Virus on December 13th, 2004 in

Detection Type: Mobile
Database: database build number 15



Description Created: Jarno Niemela September 27th, 2005;



Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.