Home / malwarePDF  

Trojan:SymbOS/AppDisabler.A


First posted on 05 July 2010.
Source: SecurityHome

Aliases :

There are no other names known for Trojan:SymbOS/AppDisabler.A.

Explanation :

A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.

Additional DetailsTrojan:SymbOS/Appdisabler.A is a malicious SIS file dropper, which is dropped by the Skulls.J trojan.

Appdisabler.A tries to disable third party file managers and drops two other malwares:

€ Trojan:SymbOS/Locknut.B
€ Bluetooth-Worm:SymbOS/Cabir.Y.

Installation


When installed, AppDisabler.A will replace many third-party file managers as well as other third party applications with non-functional application files. It also drops Locknut.B and Cabir.Y onto the system.

Payload

When active, Appdisabler.A disables following applications:

€ EFileman € FExplorer € File € SmartFileManager € Smartmovie € SystemExplorer € Yewsprite € UltraMP3
The dropped malware Cabir.Y will not start automatically, but will attempt to start at the next boot. However, on most devices Locknut.B will cause application loading to fail. This prevent Cabir.Y from starting.

Appdisabler.A also contains a bootstrap component that attempts to start a component of Skulls.J showing animation of flashing skull. This functionality is also hampered by Locknut.B.

Last update 05 July 2010

 

TOP

Malware :