Best Blackhat Forum

(02-02-2013 09:12 PM)dexter88 Wrote: [ -> ]

(02-02-2013 12:17 PM)dressmart Wrote: [ -> ]i am chinese, i try the software and would like to point out:
1. it is fake traffic. And the software can control the traffic spread time and IP/PV percent
you can also specify inner page to gain traffic.
2. This software mainly use for PPC purpose. in my opinion. it is not effective for ranking
3. This company also have a service which you can do without software. but it is not free.
So don't worry virus issue.They can help you to gain 1000ip to 30000ip/per day

if you have any question about this software, please leave message here, i will help you

Could you explain more for the tools?? Specially for the button function. :(

i already take a screenshot on my 1st post

(11-30-2012 09:25 AM)jamesc35453 Wrote: [ -> ]Has anyone got this to work? I unpacked it with 7Zip and when I tried to start the program the whole thing disappeared and left me with an empty directory. so far nothing looks funny and i scanned with Comodo before I unpacked it. however. I am off to run house call on my unit just to be sure. Proceed with caution!
James

Guys!!! im getting traffic in 5min from over 20 countries most only US!! this thing is awsum~~ im over 100 unique views already

download links not works for me?

The executable jingling.exe has been detected as malware by 26 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘urlspace’.


File name:
jingling.exe


Publisher:
精灵软件


Product:
流量精灵


Version:
2013.10.10.100


MD5:
645d60825b362448151387d060593635


SHA-1:
c670fd72229250249d736c924a10893d8d970f2f


SHA-256:
0e6ab2a37f8c6486aad5caab63b4aedd6be859be47f85fc7b0951f517fe6d973

Analysis

Scanner detections:
26 / 68


Status:
Malware


Analysis date:
3/21/2014 8:04:27 PM UTC (4 days ago)


Scan engine
Detection
Engine version


Lavasoft Ad-Aware
Trojan.Generic.9731381
1138


AhnLab V3 Security
Trojan/Win32.Clicker
2013.12.23


Avira AntiVir
SPR/Surfairy.A
7.11.121.86


AVG
Win32/DH
2014.0.3616


Baidu Antivirus
Hacktool.Win32.RiskTool
4.0.3.131223


Bitdefender
Trojan.Generic.9731381
1.0.20.1785


Bkav FE
W32.Clod9e1.Trojan
1.3.0.4613


Comodo Security
UnclassifiedMalware
17483


Emsisoft Anti-Malware
Trojan.Generic.9731381
8.13.12.23.09


Fortinet FortiGate
Malware_fam.NB
12/23/2013


F-Secure
Trojan.Generic.9731381
11.2013-23-12_2


G Data
Trojan.Generic.9731381
13.12.22


K7 AntiVirus
Riskware
13.174.10588


K7 Gateway Antivirus
Riskware
13.174.10588


Malwarebytes
Trojan.Agent
v2013.12.23.09


McAfee
RDN/Generic.tfr!dr
5600.7272


McAfee Web Gateway
RDN/Generic.tfr!dr
7.7272


MicroWorld eScan
Trojan.Generic.9731381
14.0.0.1071


NANO AntiVirus
Trojan.Win32.DownLoader10.cqvkbc
0.28.0.57029


Norman
Troj_Generic.RAUJP
10.20131223


Panda Antivirus
Trj/CI.A
13.12.23.09


Reason Heuristics
Unnamed.Threat.43
14.3.21.16


Sophos
Mal/Generic-S
4.96


Symantec
WS.Reputation
12/23/2013 rev. 2


Trend Micro House Call
TROJ_GEN.R0C1B01KR13
7.2.357


VIPRE Antivirus
Trojan.Win32.Generic!BT
24636

File Details

File size:
634.5 KB (649,728 bytes)


Product version:
4.0.3.1


Copyright:
Copyright 2012 Spiritsoft All Rights Reserved.


Original file name:
jingling.exe


File type:
Executable application (Win32 EXE)


Language:
Chinese


Common path:
C:\users\user\downloads\jingling.exe

File PE Metadata

Compilation timestamp:
10/10/2013 4:21:13 AM


OS version:
4.0


OS bitness:
Win32


Subsystem:
Windows GUI


Linker version:
8.0


CTPH (ssdeep):
12288:Aywuzfu4RNcQ+JHspCU60o0EWRowQfplbR/aTrVccunF5SV60R10n7:AyhvcQIHspCU69nA7yztyTracunF5SV6


Entry address:
0x4D228


Entry point:
E8, 4C, BE, 00, 00, E9, 17, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8D, 42, FF, 5B, C3, 8D, A4, 24, 00, 00, 00, 00, 8D, 64, 24, 00, 33, C0, 8A, 44, 24, 08, 53, 8B, D8, C1, E0, 08, 8B, 54, 24, 08, F7, C2, 03, 00, 00, 00, 74, 15, 8A, 0A, 83, C2, 01, 3A, CB, 74, CF, 84, C9, 74, 51, F7, C2, 03, 00, 00, 00, 75, EB, 0B, D8, 57, 8B, C3, C1, E3, 10, 56, 0B, D8, 8B, 0A, BF, FF, FE, FE, 7E, 8B, C1, 8B, F7, 33, CB, 03, F0, 03, F9, 83, F1, FF, 83, F0, FF, 33, CF, 33, C6, 83, C2, 04, 81, E1...
[+]


Code size:
443 KB (453,632 bytes)

Behaviors

Startup File (User Run)



Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


Name:
urlspace


Command:
C:\users\user\downloads\jingling.exe -h


Network Communications

The executing file has been seen to make the following network communications in live environments.


TCP (HTTP):
Connects to retarget.xa.dc.openx.org (173.241.240.7:80)


TCP (HTTP SSL):
Connects to mrs02s05-in-f25.1e100.net (173.194.35.121:443)


TCP (HTTP):
Connects to wiki.myfreecams.com (204.9.55.32:80)


TCP (HTTP):
Connects to wi-in-f95.1e100.net (173.194.67.95:80)


TCP (HTTP SSL):
Connects to wg-in-f84.1e100.net (173.194.78.84:443)


TCP (HTTP SSL):
Connects to wg-in-f191.1e100.net (173.194.78.191:443)


TCP (HTTP):
Connects to wg-in-f191.1e100.net (173.194.78.191:80)


TCP (HTTP):
Connects to we-in-f191.1e100.net (173.194.66.191:80)


TCP (HTTP):
Connects to static.yandex.net (178.154.131.216:80)


TCP (HTTP):
Connects to static.88-198-58-48.clients.your-server.de (88.198.58.48:80)


TCP (HTTP):
Connects to sg2nlhg746c1746.shr.prod.sin2.secureserver.net (166.62.5.1:80)


TCP (HTTP SSL):
Connects to server-54-230-63-14.mad50.r.cloudfront.net (54.230.63.14:443)


TCP (HTTP SSL):
Connects to server-54-230-62-72.mad50.r.cloudfront.net (54.230.62.72:443)


TCP (HTTP):
Connects to server-54-230-27-36.mxp4.r.cloudfront.net (54.230.27.36:80)


TCP (HTTP):
Connects to server-54-230-26-120.mxp4.r.cloudfront.net (54.230.26.120:80)


TCP (HTTP):
Connects to ryleejames.com (216.59.2.2:80)


TCP (HTTP):
Connects to presentation-atl1.turn.com (50.116.194.21:80)


TCP (HTTP):
Connects to par10s10-in-f20.1e100.net (173.194.40.148:80)


TCP (HTTP):
Connects to par10s10-in-f18.1e100.net (173.194.40.146:80)


TCP (HTTP):
Connects to par03s13-in-f31.1e100.net (173.194.45.95:80)

Related

1 / 68 (inconclusive)
lmmanager.exe (1ed9f8d2c621efa794b1b5c0aace761a84525dd1)

(12-30-2012 06:59 AM)origintoolsseo Wrote: [ -> ]

(12-28-2012 03:54 PM)masspingtool Wrote: [ -> ]

(12-28-2012 03:24 PM)origintoolsseo Wrote: [ -> ]you have to disable it from your "start-up items" of your pc.

(12-28-2012 03:01 PM)skander1345 Wrote: [ -> ]

(12-28-2012 02:08 PM)origintoolsseo Wrote: [ -> ]Anyone know about this soft ..why the soft downloading like trojan from other web? i want to stoped it..how to do it?
Thanks

Run it in sandboxie (mentioned in the first post).

I've run it no sandboxie ..oh some mistake i did :(
any solutions bro..how to remove it forever from start task manager on my PC?

I still cant to remove them..when i restarted the windows ..that file will run again and try downloading "Trojan virus dtected my AV" i have already run it on my Pc without sanboxie..:( i just want to remove that files from my Pc forover and not run again ..please help

thanks

l cant understand its menu, is there any english version of this program?

(03-31-2014 07:48 AM)rcpkrc Wrote: [ -> ]l cant understand its menu, is there any english version of this program?

Some explaining about the menus
http://bestblackhatforum.com/showthread....#pid585187

Hope it helps

Mirror:


Search in Youtube For "How to use Jingling"

AVG internet security identified it as malware, Threat named as MalSign.Generic.853

10 url slots 100% Working bot for all sites which you can download here:
http://[Reported by Members as SPAM THREAD]/file/d1e60a2d

pass: 123456