Threat Search: 

ThreatExpert's Statistics for BehavesLikeWin32.SMTP-Mailer [Ikarus]:

BehavesLikeWin32.SMTP-Mailer [Ikarus] is also known as:
Threat AliasNumber of Incidents
Mal/Banspy-F [Sophos]19
Adware.MyPoints [Symantec]14
TrojanDownloader:Win32/Banload.gen!N [Microsoft]12
Mal/Inet-Fam [Sophos]11
Generic Downloader.x [McAfee]10
Trojan-Downloader.Win32.Delf.slv [Kaspersky Lab]10
Trojan Horse [Symantec]8
Generic PUP.z [McAfee]4
Generic.dx [McAfee]3
PWS-Banker!bvn [McAfee]3
Win-Trojan/Mailer.548465 [AhnLab]3
Mal/Behav-053 [Sophos]2
PWS-Banker.gen.b [McAfee]2
Trojan-Downloader.Win32.Agent.cqch [Kaspersky Lab]2
Trojan-Spy.Win32.Delf.eoh [Kaspersky Lab]2
TrojanSpy:Win32/Banker [Microsoft]2
Win-Trojan/Xema.variant [AhnLab]2
Infostealer.Bancos [Symantec]1
Infostealer.Bancos.gen [Symantec]1
Mal/Agent-M [Sophos]1
Mal/Banspy-F, Mal/Behav-053 [Sophos]1
Mal/Banspy-F, Mal/Reload-A [Sophos]1
Mal/Generic-A [Sophos]1
Spyware.Keylogger [Symantec]1
Trojan.Win32.Agent.yvs [Kaspersky Lab]1
Trojan.Win32.Genome.pmo [Kaspersky Lab]1
Trojan:Win32/Malagent [Microsoft]1
Trojan-Downloader.Win32.Agent.bqlt [Kaspersky Lab]1
Trojan-Downloader.Win32.Delf.sao [Kaspersky Lab]1
Trojan-Spy.Delf.eoh [PC Tools]1
Trojan-Spy.Win32.Delf.cwt [Kaspersky Lab]1
Trojan-Spy.Win32.Delf.cyp [Kaspersky Lab]1
Trojan-Spy.Win32.Delf.fhs [Kaspersky Lab]1
VirTool:Win32/DelfInject.gen!X [Microsoft]1
Win-Trojan/Agent.207360.N [AhnLab]1
Win-Trojan/Keylogger.514715 [AhnLab]1

BehavesLikeWin32.SMTP-Mailer [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
Republic of Korea39
Brazil18
Poland13
Germany2
Israel1
Japan1
Spain1

BehavesLikeWin32.SMTP-Mailer [Ikarus] is known to be created as:
%AppData%\microsoft\addins\1s1nzhc.exe
%ProgramFiles%\mypoints\install.exe
%System%\avisala.exe
%System%\aviso.exe
%System%\plik.exe
%Temp%\windows\run.exe
%Windir%\binary.exe
%Windir%\media\hpmedia.exe
%Windir%\smss.com
%Windir%\system\basilisco.exe
%Windir%\winlogon.exe
c:\plik.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.