ThreatExpert's Statistics for BKDR_BIFROSE.DZZ [Trend Micro]:

BKDR_BIFROSE.DZZ [Trend Micro] is also known as:

Threat Alias	Number of Incidents
Backdoor-CEP.gen.q [McAfee]	42
VirTool:Win32/Injector.gen!Y [Microsoft]	37
Trojan.Dropper [Symantec]	34
Win-Trojan/Agent.11776.KS [AhnLab]	26
Troj/Bifrose-XE [Sophos]	22
Trojan-Dropper.Win32.Stabs.aao [Kaspersky Lab]	20
VirTool.Win32.Injector [Ikarus]	19
Trojan.Dropper [PC Tools]	15
Trojan Horse [Symantec]	10
Backdoor-CEP.gen.r [McAfee]	9
Mal/Behav-346, Mal/Inject-P [Sophos]	9
Troj/Agent-JRN [Sophos]	9
Virus.Win32.Inject [Ikarus]	9
VirTool:Win32/CeeInject.gen!W [Microsoft]	8
Backdoor.Win32.Bifrose.for [Kaspersky Lab]	7
Trojan.Generic [PC Tools]	6
Win-Trojan/Agent.44925.B [AhnLab]	6
Backdoor.Trojan [Symantec]	5
Dropper/Stabs.48541 [AhnLab]	5
Trojan.Win32.Agent.bwnu [Kaspersky Lab]	5
Trojan-Dropper.Win32.Stabs [Ikarus]	5
Win-Trojan/Agent.44957 [AhnLab]	5
Mal/Behav-346 [Sophos]	4
Mal/Generic-A [Sophos]	4
Mal/Generic-A, Mal/Behav-346 [Sophos]	4
VirTool:Win32/Injector.gen!AG [Microsoft]	4
Win-Trojan/Agent.41341.F [AhnLab]	4
Backdoor-CEP.gen.m [McAfee]	3
Dropper/Stabs.40317 [AhnLab]	3
Mal/Bifrose-W, Mal/Behav-346, Mal/Inject-P [Sophos]	3
Trojan.Win32.Agent.buag [Kaspersky Lab]	3
VirTool:Win32/Injector.gen!W [Microsoft]	3
Win-Trojan/Xema.variant [AhnLab]	3
Backdoor.Trojan [PC Tools]	2
Mal/Behav-346, Mal/Inject-P, Mal/Bifrose-W [Sophos]	2
Trojan.Win32.Agent.cjgr [Kaspersky Lab]	2
Trojan.Win32.Agent.cnzw [Kaspersky Lab]	2
VirTool:Win32/CeeInject.gen!N [Microsoft]	2
Backdoor.Win32.Bifrose.baxe [Kaspersky Lab]	1
Backdoor.Win32.Bifrose.bftq [Kaspersky Lab]	1
Dropper/Stabs.41341.K [AhnLab]	1
Generic MSVC.h [McAfee]	1
Mal/Behav-346, Mal/Inject-P, Mal/Behav-103, Mal/Behav-043 [Sophos]	1
Mal/Bifrose-W, Mal/Behav-346 [Sophos]	1
Mal/Inject-P [Sophos]	1
Troj/Mdrop-CBW [Sophos]	1
Troj/Mdrop-CGK [Sophos]	1
Trojan.Win32.Agent.bzlu [Kaspersky Lab]	1
Trojan.Win32.Agent.cznu [Kaspersky Lab]	1
Trojan.Win32.Midgare.vmg [Kaspersky Lab]	1
Trojan.Win32.Refroso.lza [Kaspersky Lab]	1
Trojan-Dropper.Win32.Stabs.efx [Kaspersky Lab]	1
Trojan-Dropper.Win32.Stabs.ek [Kaspersky Lab]	1
Virus.Win32.CeeInject [Ikarus]	1
Win-Trojan/Agent.42365 [AhnLab]	1
Win-Trojan/Agent.57725 [AhnLab]	1
Win-Trojan/Agent.67676 [AhnLab]	1
Win-Trojan/Bifrose.42365.Q [AhnLab]	1
Win-Trojan/Bifrose.42397.B [AhnLab]	1

BKDR_BIFROSE.DZZ [Trend Micro] is known to be created as:

%ProgramFiles%\anti-virus\server.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\bifrost\win.exe

%ProgramFiles%\jnooony\coffin.exe

%ProgramFiles%\system23\iexplore.exe

%ProgramFiles%\systen\win32.exe

%ProgramFiles%\wincrak\payload.exe

%System%\bifrost\saret.exe

%System%\bifrost\server.exe

%System%\cmd32.exe

%System%\dllwt\dlldh.exe

%System%\info\sys6.exe

%System%\messenger\msnmsg.exe

%System%\sysdll\runsys.exe

%System%\update.exe

%System%\win\windows.exe

%Temp%\ixp000.tmp\aaa.exe

%Temp%\ixp000.tmp\obadah.exe

%Temp%\ixp000.tmp\s.exe

%Temp%\ixp000.tmp\server.exe

%Temp%\server.exe

%Temp%\xx.exe

%Windir%\11\ad.exe

%Windir%\bifrost\server.exe

%Windir%\internet explor\internet.exe

%Windir%\sys\12.exe

%Windir%\sys\21.exe

%Windir%\sys\9.exe

c:\extracted\dll.exe.exe

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.