Android package file
The Trojan may arrive as a package with the following characteristics:
When the Trojan is being installed, it requests permissions to perform the following actions:
- Access coarse location, e.g. Cell-ID, WiFi
- Access information about networks, including WiFi
- Allow read-only access to the phone state
- Change the Wi-Fi connectivity state
- Install a shortcut
- Open network sockets
- Use PowerManager WakeLocks to keep the processor from sleeping or the screen from dimming
- Write to external storage devices
Once installed, the application displays an icon with the text of "Penetrate Pro".
The program downloads a dictionary from the following location:
It then cracks the WiFi login password for the router that the device is using.