Summary

Hombia is very simple appeding infector written with the batch language. It contains a destructive payload witch can activate only some environments depending on the regional settings.

Additional Details

When executed, it attempts to infect a single file with ".BAT" extension from the current directory or from the parent directory.

The payload activates on April 15th, when the virus attempts to delete all files from the current directory and all the subdirectories.

Detection

Detection for this malware was published on May 24th, 2004 in the following F-Secure Anti-Virus updates:

[FSAV_Database_Version]
Version=2004-05-24_02

Write-up: Sami Rautiainen, June 18th, 2004;