SymbOS/Romride.H!tr

Analysis

  • It is a Symbian virus, packed in .sis format.
  • Displays the following message prompting the user to install:
    • Install Bluetooth?
  • Drops the following file and executes it:
    • helzim.exe
    This causes the phone to restart and a file to be created in C:\system\Data\ or other system folders. The file has a very long filename, which blocks some applications from accessing these folders.

Recommended Action

  • Delete all the dropped files using a file manager.

Telemetry

Detection Availability

  • FortiClient: Extreme
  • FortiMail: Extreme
  • FortiSandbox: Extreme
  • FortiWeb: Extreme
  • Web Application Firewall: Extreme
  • FortiIsolator: Extreme
  • FortiDeceptor: Extreme
  • FortiEDR