h spambot v0.4.exe

WindowsApplication1

This is a setup program which is used to install the application. The file has been seen being downloaded from s8909.chomikuj.pl and multiple other hosts.
Product:
WindowsApplication1

Version:
1.0.0.0

MD5:
6e1e96b3b49d81a220f372161ce9b369

SHA-1:
1fb65b5751caac2496781bc68cf87c9bcab9f21d

SHA-256:
50e90491496f84814d5e0049250bbbc8a0e94f90e3a87163c944991f55d9ef7a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/12/2025 6:04:10 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1077

File size:
299 KB (306,176 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
WindowsApplication1.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\h spambot v0.4.exe

File PE Metadata
Compilation timestamp:
12/31/2013 4:55:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:y6amFpgk+X12roChQqevsCaZrBfrON7r3ID21:5amFqMoowZo5

Entry address:
0x4B72E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
294 KB (301,056 bytes)

The file h spambot v0.4.exe has been seen being distributed by the following 3 URLs.

http://s8909.chomikuj.pl/File.aspx?e=BD75i-HiCgj8Ad0Bth9A2wcpQ3OFva0vyK7KbWA2hSFjtD_hRvgRo6QWL48NZex7vKYShO50dRUPqzq18EnCji0po9-QoKql69OCyA0CkoYUQRmeAyfl6LwoSy9t--_UrTw-wSYnaZZcVBKDj7qzVw&pv=2

http://s6620.chomikuj.pl/File.aspx?e=BD75i-HiCgj8Ad0Bth9A2wcpQ3OFva0vyK7KbWA2hSElw5ER7BHVcJ4CCzryRrC-9jACLK5cS-dGZwAd_zG_Nzqe3Q42mOEap1ystoUmc6C0u-kbHjSsonxiPZJfHCg_2PS4WC6_IcVJErYYjAErGA&pv=2

Scan h spambot v0.4.exe - Powered by Reason Core Security