|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: Trojan:SymbOS/CardTrap.AL
|
|
|
| Radar |
 |
|
|
|
Summary
|
CardTrap.AL is a trojan targeting Pre-Symbian9 UIQ devices.
CardTrap.AL overwrites system files in UIQ system preventing the device from booting up on next reboot. In addition to disabling the device CardTrap.AL also carries windows malware as a payload. |
|
|
|
Detailed Description
|
CardTrap.AL is a trojan targeting Pre-Symbian9 UIQ devices.
CardTrap.AL overwrites system files in UIQ system preventing the device from booting up on next reboot. In addition to disabling the device CardTrap.AL also carries Net-Worm.Win32.Padobot.z and Email-Worm.Win32.Rays windows malware as a payload. The windows malware here are however a marginal threat since they are written during the install process to the D: drive of the device. D: drive is the ram-drive in the device that is cleared on reboot.
CardTrap.AL writes the following files into device:
- d:\SYSTEM.exe
- d:\autorun.inf
- d:\fsb.exe
- d:\buburuz.ICO
- c:\system\data\SysFnt.ini
- c:\system\fonts\FreeType.dll
- c:\system\fonts\MusiSync.ttf
- !:\info.txt.txt
|
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: September 19, 2007
|
|
|
|
|
