home

HobbaFlooder.exe

HobbaFlooder

This is a setup program which is used to install the application. The file has been seen being downloaded from download1588.mediafire.com and multiple other hosts.
Product:
HobbaFlooder

Version:
1.00

MD5:
da54c5dfe179a0658f6ac4b19550be3c

SHA-1:
0e491c295c4135d91dea2f4cb45e33042b419dbf

SHA-256:
cca27b582d19bec9f2a5e14fd09f215f56effd108641e8e041a3d04bdeab70b7

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/30/2024 2:40:12 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.8042

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1120

Quick Heal
(Suspicious) - DNAScan
6.16.14.00

File size:
64 KB (65,536 bytes)

Product version:
1.00

Original file name:
HobbaFlooder.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\users\{user}\downloads\hobbaflooder.exe

File PE Metadata
Compilation timestamp:
4/9/2016 12:57:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:/Suo6WzFDYsOy99H9Huh2dNCbulRTTudqgYF+J7Q9i+kZzOMfb1ED4wD8:/NsFD3OCjHuhzdqgYcGe

Entry address:
0x11AC

Entry point:
68, 30, BC, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, F6, 7D, 20, DC, FE, 9A, C4, 42, 9A, CE, AF, 5F, A3, 29, CB, 54, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 79, 65, 63, 74, 6F, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 0A, B5, 92, 68, A0, 27, 89, F3, 43, 96, 4F, 60, 2D, 60, 0C, 81, 0B, CE, 66, DE, A6, CE, CD, 39, 45, 8B, CF, 01, C4, B2, 1B, 3B, BA, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
52 KB (53,248 bytes)

The file HobbaFlooder.exe has been seen being distributed by the following 2 URLs.

http://download1588.mediafire.com/7xn722zunumg/.../HobbaFlooder.exe

http://download1588.mediafire.com/qamd28dpgzug/.../HobbaFlooder.exe

Scan HobbaFlooder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.