Analysis

  • max time kernel
    31s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    04/10/2024, 21:30 UTC

General

  • Target

    EZFNLauncherV2.apk

  • Size

    38.1MB

  • MD5

    147e6b26aa1f252bf912c7a1c3a01cb6

  • SHA1

    2cf8e0ccb43311f5885d95bc0188462077a9f77d

  • SHA256

    af6985992d674ac664c07a659515de10eae7ecade0183fda28ac46bb83bcc425

  • SHA512

    89a72e52c0b739bdde18c80aef5ab162cad73f88a077429d3aff34c7d84ae7206949d5145acede4ff3359d324323fece006230a70064380e1878b3020172e89b

  • SSDEEP

    786432:/Ym2d67A9Ls3unQn1SxlMTpxABB9F5d3fHQ62G3Zu3V0u/U1S2G:3Tn1SvMNxABB9vdx3ZgygUhG

Malware Config

Signatures

Processes

  • com.ezfn.launcher
    1⤵
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4263

Network

MITRE ATT&CK Mobile v15
