ThreatExpert's Statistics for Backdoor.Win32.Bifrose.fpb [Kaspersky Lab]:

Backdoor.Win32.Bifrose.fpb [Kaspersky Lab] is also known as:

Threat Alias	Number of Incidents
Win-Trojan/Midgare.32256 [AhnLab]	426
BackDoor-CEP.gen.g [McAfee]	419
Backdoor:Win32/Bifrose.AE [Microsoft]	395
Backdoor.Trojan [Symantec]	316
Trojan.Midgare.hhn [PC Tools]	316
BKDR_AHZE.SMM [Trend Micro]	279
Virus.Trojan.Win32.Midgare [Ikarus]	213
BKDR_AHZE.NY [Trend Micro]	163
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	132
Mal/Generic-E, Mal/EncPk-FH [Sophos]	86
Backdoor.Bifrose [Symantec]	77
VirTool:Win32/Injector.gen!AG [Microsoft]	69
Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	61
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH, Mal/Bifrose-Z [Sophos]	57
Infostealer [Symantec]	52
Mal/Bifrose-X, Mal/EncPk-FH [Sophos]	32
Trojan.Win32.Midgare [Ikarus]	29
Mal/EncPk-FH [Sophos]	24
Mal/Midgar-A, Mal/EncPk-FH [Sophos]	24
Win-Trojan/Midgare.30590 [AhnLab]	20
Mal/EncPk-KZ, Mal/EncPk-FH [Sophos]	17
Mudgare.a [McAfee]	17
Win-Trojan/Agent.32637.E [AhnLab]	15
W32/Sality-AM [Sophos]	10
Trojan Horse [Symantec]	9
Virus:Win32/Sality.AM [Microsoft]	9
W32/Sality.gen [McAfee]	9
Backdoor.Bifrose [PC Tools]	8
BackDoor-CEP!hv.a [McAfee]	8
Trojan:Win32/Midgare.A [Microsoft]	7
W32.Virut.CF [Symantec]	7
Win32/Kashu.B [AhnLab]	7
Mal/EncPk-KZ [Sophos]	6
W32.Sality.AE [Symantec]	6
Backdoor.Trojan [PC Tools]	5
BKDR_BIFROSE.SMO [Trend Micro]	5
Mal/Bifrose-Z, Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	5
Virus:Win32/Virut.BM [Microsoft]	5
Backdoor-CEP.gen.i [McAfee]	4
Virus.Win32.Bifrose [Ikarus]	4
W32/Sality.gen.b [McAfee]	4
Win-Trojan/Midgare.30208 [AhnLab]	4
Mal/Bifrose-X [Sophos]	3
Mal/Bifrose-X, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	3
Mal/EncPk-FH, Mal/EncPk-KZ [Sophos]	3
Mal/Sality-B [Sophos]	3
Mudgare.gen.b [McAfee]	3
New Malware.aq [McAfee]	3
PE_SALITY.AE [Trend Micro]	3
W32/Sality-AI [Sophos]	3
Constructor.Win32.Bifrose.gy [Kaspersky Lab]	2
Constructor.Win32.Bifrose.j [Kaspersky Lab]	2
Gen.Trojan [Ikarus]	2
Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH, W32/Scribble-B [Sophos]	2
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH, Mal/Bifrose-Z, W32/Scribble-B [Sophos]	2
Mal/Bifrose-X, Mal/Sality-C [Sophos]	2
Mal/Bifrose-Z [Sophos]	2
Mal/Generic-A [Sophos]	2
Mal/Generic-E [Sophos]	2
Mal/Packer [Sophos]	2
PE_SALITY.BU [Trend Micro]	2
Trojan-Dropper.Agent [Ikarus]	2
Trojan-Dropper.Win32.Stabs [Ikarus]	2
Virus:Win32/Sality.G [Microsoft]	2
Virus:Win32/Sality.gen [Microsoft]	2
W32.Sality.AM [Symantec]	2
W32/Sality.n [McAfee]	2
Backdoor.Rbot [Ikarus]	1
Backdoor.Win32.Bifrose [Ikarus]	1
Backdoor:Win32/Poisonivy.E [Microsoft]	1
Backdoor-CEP [McAfee]	1
BackDoor-CEP.gen.a [McAfee]	1
BackDoor-CEP.gen.au [McAfee]	1
Constructor:Win32/Bifrose.A [Microsoft]	1
Dropper/Tempex [AhnLab]	1
Gen.Malware [Ikarus]	1
Generic Dropper!blx [McAfee]	1
Generic Dropper.pm.gen [McAfee]	1
Mal/Bifrose-S [Sophos]	1
Mal/Bifrose-X, Mal/EncPk-FH, Mal/Bifrose-Z [Sophos]	1
Mal/Bifrose-X, Mal/Midgar-A, Mal/EncPk-FH, Mal/Bifrose-Z [Sophos]	1
Mal/Bifrose-Z, Mal/Sality-B [Sophos]	1
Mal/Dorf-D [Sophos]	1
Mal/EncPk-BU, Mal/EncPk-BA [Sophos]	1
Mal/EncPk-KZ, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	1
Mal/Generic-E, Mal/EncPk-FH, Mal/Behav-103, Mal/Behav-043 [Sophos]	1
Mal/HckPk-A [Sophos]	1
Mal/Midgar-A, Mal/EncPk-FH, W32/Scribble-B [Sophos]	1
Mal/Packer, Mal/EncPk-E [Sophos]	1
Mal/Packer, Mal/Midgar-A, Mal/EncPk-FH, Mal/Bifrose-Z [Sophos]	1
New Win32 [McAfee]	1
Packer.RLPack [Ikarus]	1
PE_SALITY.EK [Trend Micro]	1
PE_SALITY.EN-1 [Trend Micro]	1
Trojan.Midgare!sd6 [PC Tools]	1
Trojan.StartPage [Ikarus]	1
Trojan.Win32.Swisyn.iph [Kaspersky Lab]	1
Trojan-Dropper.SAG [Ikarus]	1
Trojan-PSW.Generic [PC Tools]	1
Virus.W32.Sality [Ikarus]	1

Backdoor.Win32.Bifrose.fpb [Kaspersky Lab] has the following possible countries of origin:

Origin		Number of Incidents
	Sweden	5
	United Kingdom	5
	France	4
	Russian Federation	4
	Saudi Arabia	3
	Israel	2
	Turkey	2
	Brazil	1
	Croatia	1
	Germany	1
	Spain	1

Backdoor.Win32.Bifrose.fpb [Kaspersky Lab] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\microsoft\svchost.exe

%AppData%\regedit\fragmen.exe

%AppData%\system\sys.exe

%AppData%\system\win.exe

%AppData%\temp\eixplorer.exe

%CommonAppData%\server.exe

%CommonPrograms%\startup\net.exe

%CommonPrograms%\startup\server.exe

%InternetCache%\57289261.exe

%LocalSettings%\temptmp.exe

%ProgramFiles%\99\88.exe

%ProgramFiles%\aaaaaaaaaa\aaaaaaa.exe

%ProgramFiles%\anti-trust\anti-trust.exe

%ProgramFiles%\biforst\server.exe

%ProgramFiles%\bifrost\a.exe

%ProgramFiles%\bifrost\ser.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\bifrost\svchost.exe

%ProgramFiles%\cmdl32\cmdl32.exe

%ProgramFiles%\dir\server.exe

%ProgramFiles%\hhh\server.exe

%ProgramFiles%\live\ccshost.exe

%ProgramFiles%\massenger live\server.exe

%ProgramFiles%\mesenger\windows.exe

%ProgramFiles%\micro\hosts.exe

%ProgramFiles%\microsoft odbc\odbc.exe

%ProgramFiles%\microsoft\svchost.exe

%ProgramFiles%\microsoft\yahoo.exe

%ProgramFiles%\msn messenger\sexglasses.exe

%ProgramFiles%\msn\spoolsv.exe

%ProgramFiles%\msns\msns.exe

%ProgramFiles%\netmeeting0\cb32.exe

%ProgramFiles%\system32\msnmsgr.exe

%ProgramFiles%\system32\system32.exe

%ProgramFiles%\test\test.exe

%ProgramFiles%\windows\windows.exe

%ProgramFiles%\xerox\sisysy.exe

%ProgramFiles%\xerox\xerox.exe

%Programs%\startup\222.exe

%System%\bifrost\server.exe

%System%\bifrost\test.exe

%System%\bifroxx\server.exe

%System%\boot\win34.exe

%System%\bootvid.exe

%System%\explorer\explorer.exe

%System%\explorer\internet.exe

%System%\hhhh\server.exe

%System%\langame\langame.exe

%System%\massenger live\server.exe

%System%\microsoft\microsoft.exe

%System%\microsoft\sestyme32.exe

%System%\microsoft\svco.exe

%System%\mozilla\mozilla.exe

%System%\msn\installplus.exe

%System%\password\password.exe

%System%\qqq\server.exe

%System%\regedit\fragmen.exe

%System%\server.exe

%System%\sky\win.exe

%System%\sys32\sixcoup32.exe

%System%\sysfile\win37.exe

%System%\system.scr

%System%\system\sys.exe

%System%\system\win.exe

%System%\system23\pach.exe

%System%\system32\mcrosft.exe

%System%\system32\system32.exe

%System%\system321\server.exe

%System%\systm\systm32.exe

%System%\systreay\systray.exe

%System%\temp\eixplorer.exe

%System%\update\microsoftt.exe

%System%\web\web.exe

%System%\windoo\maicroo.exe

%System%\windows\dnetc.exe

%System%\windows\microsoft.exe

%System%\windows\server.exe

%System%\windows32\system32.exe

%System%\winfiles.exe

%System%\xx\sys.exe

%Temp%\1.exe

%Temp%\asadfg43rwaef.exe

%Temp%\coffin.exe

%Temp%\decrypted.exe

%Temp%\ixp000.tmp\1.exe

%Temp%\ixp000.tmp\3.exe

%Temp%\ixp000.tmp\server.exe

%Temp%\ixp000.tmp\stub.exe

%Temp%\qwert.exe

%Temp%\s.exe

%Temp%\server.exe

%Temp%\server1.exe

%Temp%\sys.exe

%Temp%\tempalbert\server.exe

%Temp%\tmp.exe

%Temp%\xdz3.exe

%Templates%\winupdcenter.exe

%Windir%\1.exe

%Windir%\bifrost\server.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Templates% is a variable that refers to the file system directory that serves as a common repository for document templates. A typical path is C:\Documents and Settings\[UserName]\Templates.
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.