Trojan:SymbOS/Singlejump.A affects devices running the Symbian S60 operating system. It is distributed in a malicious SIS file named 'PhotoID.v3.06_NEW_7610_3230_6630_SMPDA.sis'.
On execution, the trojan installs small component into locations where it replaces system and third party applications; if these applications are launched, the component resets the device.
Singlejump.A also installs a modified Bluetooth-Worm:SymbOS/Cabir variant that it uses to spread Trojan:SymbOS/Bootton.A to nearby Bluetooth-accessible devices; the modified Cabir is not started automatically but will start when device boots.
A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:
Check for the latest database updates
First check if your F-Secure security program is using the latest updates, then try scanning the file again.
Submit a sample
After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.
Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.
Exclude a file from further scanning
If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note: You need administrative rights to change the settings.
On execution, Singlejump.A replaces built in and third party applications with component that causes device to reboot when executed.
It also uses a Cabir variant that is modified so that instead of sending a copy of itself, the worm loads a specified SIS file (which is installed by Singlejump.A to a location where Cabir expects to find its own file) and starts sending it. In this case, the specified file is a copy of Trojan:SymbOS/Bootton.A.
The modified Cabir worm that Singlejump.A uses is based on Cabir.B and maintains the same replication flaw; thus, it is only capable of sending SymbOS/Bootton.A to the first phone it finds after reboot.
This trojan contains this message:
Saying HELLO From Here (SYRIA) TO All The WORLD !!! I Wish U N-Joy UR Damaged Device .. U Know, Not all may Read These Words But, No Problem Bcuz Some will, But even This, Thats The Way I Love U All ... ;-) Regards, ThNdRbRd