UMU Mobile Security Banner
Home / Virus Definitions
J2ME/Agent.B
Green Tick UMU Scan protects against this virus.
Threat Level:
Low
Type:
Trojan
SDB Version:
273
SDB Release Date:
10/06/2010
Description Date:
10/09/2010

J2ME/Agent.B

J2ME/Agent.B arrives as a JAR installation package for an application named “razden_studentku” that poses as an application for porn services. 

It affects all devices that support J2ME or Java Midlet execution. 

 


Upon installation, it will then appear in the phone as follows with a Application name “razden_studentka”:

 


It drops the following components:

a.class

b.class

c.class

d.class

e.class

f.class

g.class

h.class

i.class

j.class

k.class

l.class

m.class

Midlet.class

n.class

 

b.class handles the SMS sending functionalities for this Trojan.

 Upon execution of the malicious application, it will show the following:

 


Then displays the following message:

 


After accepting, it will then display the following message:

 

It will then show the following image, instructing the user to click OK to unveil the hidden image.

 

  After unveiling the hidden image, it will show the following message:

 


It then displays another hidden image, instructing again the user to click ok repeatedly to display the image.

 

The malicious app may then prompt the following message that will allow it to send an SMS to 7136, 7138, 7137.  However since the user is continuously clicking OK, this message will come unnoticed. The compromised user may also be charged at premium rates for these messages.

 

 


 


 
After unveiling the image it will then display the following message:

 


Manual Disinfection

 

  1. Go to the device’s Application Manager and remove/uninstall applications named “razden_studentka”. 
  2. Scan your mobile device using UMU Scan and delete all files detected as J2ME/Agent.B

 

 

 

Virus Definitions

List of virus definitions
Report a new virus/spyware