Android package file
The Trojan may arrive as a package with the following characteristics:
When the Trojan is being installed, it requests permissions to perform the following actions:
- Access location information, such as GPS information.
- Open network connections.
- Access location information, such as Cell-ID or WiFi.
- Initiate a phone call without using the Phone UI or requiring confirmation from the user.
- Check the phone's current state.
- Write to external storage devices.
- Read user's contacts data.
- Read SMS messages on the device.
Once installed, the application will display an icon with a white outline of a phone against a pink background.
The Application may leak the compromised device's contact details.
The Application creates the following receiver: