SymbOS/Cabir.B!worm
Analysis
- It is a Symbian virus, packed in .SIS format.
- The following message is displayed on the screen during installation:
  This is advanced camera timer for your phone!
- Extracts the following files:
  - C:\system\RECOGS\flo.mdl
  - C:\system\CARIBESECURITYMANAGER\caribe.app
  - C:\system\CARIBESECURITYMANAGER\caribe.rsc
  - C:\system\CARIBESECURITYMANAGER\CAMTIMER.sis
  - C:\system\apps\caribe\flo.mdl
  - C:\system\apps\caribe\caribe.app
  - C:\system\apps\caribe\caribe.rsc
  - C:\system\apps\CamTimer\camtimer.app
  - C:\system\apps\CamTimer\camtimer.rsc
- Attempts to send itself to other Bluetooth-enabled devices that it finds.
Recommended Action
- Check the main screen of the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system. If required, enable the "Allow Push Update" option.
- Do not accept unsolicited applications, which may be received by infrared or other means.
Detection Availability
FortiGate | |
---|---|
FortiClient | |
FortiAPS | |
FortiAPU | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2019-11-28 | 73.40600 | Sig Updated |