JinxSkin静态版本1.2.exe Malware Generic Analysis

Technical Analysis

File Name JinxSkin静态版本1.2.exe
File Type PE32 executable (console) Intel 80386, for MS Windows
Scanner Version 1.0.231.174
Database Version 2025-12-28 08:00:39 UTC

Malware.Win32.Generic.cld

Malware family: Generic

This detection name identifies suspicious files displaying Trojan-like behavior patterns. It represents malware that masquerades as benign programs while executing unauthorized activities on the infected system.
Detection Rate: N/A
File Size (bytes): 9,957,376
Analysis Date: 2025-12-28

File Identification

Hash Type Value
MD5
a5e446de5ae830801c04cd7027b161f1
SHA1
15bede941cc639e4c09d1d429dd9e3dedec33c9e
SHA256
3990b36777a6779a2e2b1473864c8f0f15d257df3a799abd6650c0f990a5cc31
SHA512
914e788d5b650110138c4529e403b2eb7bf1911fa168da318ad9fa392d797fdd49c6d9fd60ca0a5bf01d203b4dd7881540c25f3cc8abe3a4674d26f924ce52c2
ImpHash
49c56e044d81c5e564a42cb7171b1b23

PE Analysis

Basic Information

Icon
Hash: f63dbaed2511bb28d15a3a04479bf59e
Fuzzy: fc71d89f7371303104c325b289a0460e
dHash: 6cccacecece4ecc4
Image Base 0x00400000
Entry Point 0x0109d058
Compilation Time 2025-04-26 15:52:09
Checksum 0x009874c5 (Actual: 0x009874c5)
OS Version 4.0
PEiD Signatures PE32 executable (console) Intel 80386, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 12 libraries
Exports 12 functions
Resources 4 Resources
Sections 10 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
0x00001000 1,076,957 bytes 520,192 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE CED5E2538EE67839C93FE93CA1BBF7DE
0x00108000 971,782 bytes 491,520 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D6C56467A4EC5D8D3A6D197A60025A4C
0x001f6000 547,064 bytes 114,688 bytes 7.96 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE F65D885F774779B5BBBF3202591E1BF5
0x0027c000 3,015,952 bytes 3,018,752 bytes 8.00 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3C41F19D3B22FC3DD5C1EB7BA89470F9
0x0055d000 1,052 bytes 4,096 bytes 2.87 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE B626BB78A7B2A2A1FD2DCEDDB0C6A40C
.edata 0x0055e000 4,096 bytes 4,096 bytes 0.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0EAB8CA89F9D961558D63B3D8F962BF6
.idata 0x0055f000 4,096 bytes 4,096 bytes 0.91 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0F3D7BBF4C920F0AB1F7B43F0E618125
.rsrc 0x00560000 12,288 bytes 12,288 bytes 5.48 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 8554FBF802D76B32A94C5E8B643685DB
.themida 0x00563000 7,577,600 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.boot 0x00c9d000 5,783,552 bytes 5,783,552 bytes 7.90 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ CB1B2AE71B8F3D7DD9071A66BE5F3C34
Entropy Analysis Alert

5 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 4 (10,437 bytes)
Resource Type Count Total Size Percentage
RT_ICON 1 9,640 bytes 92.4%
RT_STRING 1 80 bytes 0.8%
RT_GROUP_ICON 1 20 bytes 0.2%
RT_MANIFEST 1 697 bytes 6.7%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Malware.Win32.Generic.cld Removal

Gridinsoft has the capability to identify and eliminate Malware.Win32.Generic.cld without requiring further user intervention.

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
