The mobile malware requests the following permissions:
INTERNET - Allows applications to open network sockets.
READ_CONTACTS - Allows an application to read the user's contacts data.
READ_PHONE_STATE - Allows read only access to phone state.
Looking at the requested permissions, this kind of gives the mobile malware away by requesting more permissions than what it is trying to portray.
Dougalek Installed on the Android Device
Upon execution, Dougalek collects information from the compromised Android device and sends the stolen information to:
Dougalek Stealing Contact Information
It also attempts to download and play a video from:
Meanwhile the affected user only sees this on the screen:
Dougalek stealing information in the background