Content

SymbOS/Romsilly.A

Type
Trojan
SubType
Discovery Date
04/10/2006
Length
Minimum DAT
4737 (04/10/2006)
Updated DAT
4737 (04/10/2006)
Minimum Engine
5.1.00
Description Added
04/10/2006
Description Modified
08/27/2007 6:46 PM (PT)
Risk Assessment
Corporate User
Low
Home User
Low

Tab Navigation

Characteristics

SymbOS/Romsilly.A is distributed in a SIS file called “DSLShark_69.sis”.This malware consists of an MDL file that calls a ROM application upon reboot.

SymbOS/Romsilly.A calls “Z:\SYSTEM\PROGRAMS\STARTER.EXE”, which reboots the phone.When the phone is rebooted the first time, the ROM application will be run beginning the continual reboot cycle.

Symptoms

Upon reboot SymbOS/Romsilly.A:

  • The phone is disabled by continuous rebooting

Method of Infection

Removal

Use the latest Engine/Dats

Variants

Variants

  • Symbos/Romsilly.B

All Information

Overview -

SymbOS/Romsilly.A is a malware that causes a denial of service by calling a ROM application to continually reboot the phone

Characteristics

Characteristics -

SymbOS/Romsilly.A is distributed in a SIS file called “DSLShark_69.sis”.This malware consists of an MDL file that calls a ROM application upon reboot.

SymbOS/Romsilly.A calls “Z:\SYSTEM\PROGRAMS\STARTER.EXE”, which reboots the phone.When the phone is rebooted the first time, the ROM application will be run beginning the continual reboot cycle.

Symptoms

Symptoms -

Upon reboot SymbOS/Romsilly.A:

  • The phone is disabled by continuous rebooting

Method of Infection

Method of Infection -

Removal -

Removal -

Use the latest Engine/Dats

Variants

Variants -

  • Symbos/Romsilly.B