1. Symantec/
  2. Security Response/
  3. Android.Penetho


October 1, 2012 11:01:46 AM
Risk Impact:
Systems Affected:
Android package file
The Trojan may arrive as a package with the following characteristics:

Package name: com.h1xumz.penetratepro
Publisher: penetrate.underdev.org
Version: 4.8.3
Name: Penetrate Pro

When the Trojan is being installed, it requests permissions to perform the following actions:
  • Access coarse location, e.g. Cell-ID, WiFi
  • Access information about networks, including WiFi
  • Allow read-only access to the phone state
  • Change the Wi-Fi connectivity state
  • Install a shortcut
  • Open network sockets
  • Use PowerManager WakeLocks to keep the processor from sleeping or the screen from dimming
  • Write to external storage devices

Once installed, the application displays an icon with the text of "Penetrate Pro".

The program downloads a dictionary from the following location:

It then cracks the WiFi login password for the router that the device is using.
Writeup By: Daniel Xiang
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube