Threat Search: 

ThreatExpert's Statistics for Downloader.Delphi [Ikarus]:

Downloader.Delphi [Ikarus] is also known as:
Threat AliasNumber of Incidents
Trojan Horse [Symantec]126
Trojan:Win32/Meredrop [Microsoft]96
Win-Trojan/Buzus.73728.AB [AhnLab]91
Trojan.Win32.Buzus.bzdt [Kaspersky Lab]82
Generic Dropper!bbx [McAfee]81
Troj/Injec-A [Sophos]81
Mal/Generic-A [Sophos]45
BackDoor-CZP.dr [McAfee]38
Backdoor:Win32/Turkojan.AI [Microsoft]36
Backdoor.Trojan [Symantec]35
Mal/Generic-E, Mal/Behav-333 [Sophos]32
Backdoor.Win32.Turkojan.il [Kaspersky Lab]30
Win-Trojan/Turkojan.276992 [AhnLab]30
Troj/Merein-Gen [Sophos]20
TrojanDropper:Win32/Delf.CI [Microsoft]16
Backdoor.Turkojan.I [PC Tools]11
Backdoor.Win32.Turkojan.r [Kaspersky Lab]11
Troj/Agent-GMF [Sophos]11
Trojan-Dropper.Win32.Wlord.gen [Kaspersky Lab]11
Win-Trojan/Turkojan.307712 [AhnLab]11
Generic.dx [McAfee]10
Downloader [Symantec]9
Generic PUP.x [McAfee]9
Suspicious.MH690 [Symantec]9
Trojan.Zlob [Symantec]8
Generic Dropper [McAfee]7
VirTool:Win32/Injector.gen!P [Microsoft]7
W32.IRCBot.Gen [Symantec]7
Generic.dx!fpc [McAfee]6
Spy-Agent.df [McAfee]6
Trojan.Generic [PC Tools]6
Trojan.Vundo [Symantec]6
Trojan-Banker.Win32.Banker.zaq [Kaspersky Lab]6
Backdoor.Win32.TDSS.avq [Kaspersky Lab]5
Trojan.Win32.BHO.gsn [Kaspersky Lab]5
Trojan-Dropper.Win32.Agent.qvx [Kaspersky Lab]5
VirTool:Win32/DelfInject.gen!AM [Microsoft]5
VirTool:Win32/DelfInject.gen!X [Microsoft]5
Win-Trojan/Xema.variant [AhnLab]5
Backdoor.Turkojan.il [PC Tools]4
Infostealer.Banker.C [Symantec]4
Infostealer.Ldpinch [Symantec]4
Mal/Behav-328, Mal/Dropper-G, Mal/Behav-053 [Sophos]4
Mal/Dropper-G [Sophos]4
PWS:Win32/Zbot [Microsoft]4
Trojan:Win32/Vundo [Microsoft]4
Trojan-PSW.Win32.Delf.ehv [Kaspersky Lab]4
VirTool:Win32/DelfInject.gen!AC [Microsoft]4
Vundo [McAfee]4
Backdoor.Trojan [PC Tools]3
Mal/QLowZ-A [Sophos]3
PE_CORELINK.C-1 [Trend Micro]3
Trojan.Buzus [PC Tools]3
Trojan.Dropper [Symantec]3
Trojan.Win32.Agent.afhj [Kaspersky Lab]3
Trojan.Win32.Agent.ahkl [Kaspersky Lab]3
Trojan.Win32.Agent.ahls [Kaspersky Lab]3
Trojan.Win32.Agentb.t [Kaspersky Lab]3
Virus.Win32.Alman.b [Kaspersky Lab]3
Virus:Win32/Almanahe.B [Microsoft]3
W32.Almanahe.B!inf [Symantec]3
W32/Almanahe.c [McAfee]3
W32/Alman-C [Sophos]3
Win32/Alman.C [AhnLab]3
Win-Trojan/Agent.643395 [AhnLab]3
Backdoor:Win32/Poison.M [Microsoft]2
Backdoor:Win32/Refpron.P [Microsoft]2
BackDoor-CZP.dr.gen.a [McAfee]2
Downloader.gen.a [McAfee]2
Generic BackDoor!bkr [McAfee]2
Generic Dropper.gr [McAfee]2
Infostealer [Symantec]2
Mal/EncPk-GC [Sophos]2
New Malware.bx [McAfee]2
PWS-LDPinch [McAfee]2
PWS-LegMir.dll [McAfee]2
Trojan.DR.Agent.EDYU [PC Tools]2
Trojan.KillAV [Symantec]2
Trojan.Vundo!sd6 [PC Tools]2
Trojan.Win32.Buzus [Ikarus]2
Trojan.Win32.Buzus.cgtl [Kaspersky Lab]2
Trojan.Win32.Sasfis.oac [Kaspersky Lab]2
Trojan:Win32/Malagent [Microsoft]2
Trojan-Banker.Win32.Banker.ammc [Kaspersky Lab]2
Trojan-Downloader.Win32.FraudLoad.vccm [Kaspersky Lab]2
TrojanDownloader:Win32/Delf.IA [Microsoft]2
Trojan-Dropper.Win32.Zbot.m [Kaspersky Lab]2
TrojanDropper:Win32/Lukicsel.E [Microsoft]2
Trojan-PSW.Win32.LdPinch.abqx [Kaspersky Lab]2
Trojan-Spy.Win32.Zbot.aasa [Kaspersky Lab]2
VirTool:Win32/DelfInject.gen!L [Microsoft]2
Virus.Win32.Induc.a [Kaspersky Lab]2
Virus.Win32.Virut.ce [Kaspersky Lab]2
W32.Virut.CF [Symantec]2
Win32/Virut.F [AhnLab]2
Win-Trojan/Atraps.26624.B [AhnLab]2
Win-Trojan/Banker.762498 [AhnLab]2
Win-Trojan/Banload.340596 [AhnLab]2
Adware.MyCentria [Symantec]1
Backdoor.Nuclear [Symantec]1

Downloader.Delphi [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
Russian Federation24
China6
Netherlands5
Israel4
United Kingdom4
Brazil3
Sweden2
Belgium1
Indonesia1
Japan1

Downloader.Delphi [Ikarus] is known to be created as:
%AppData%\kaspersky.exe
%ProgramFiles%\adobe\adobe help center\msvcr75.dll
%ProgramFiles%\linkcollector portable\feedback.exe
%System%\avg.exe
%System%\explorer.exe
%System%\fastnetsrv.exe
%System%\iioq.exe
%System%\lphc35dj0erc1.exe
%System%\lssmon.exe
%System%\msansspc.dll
%System%\mssrv32.exe
%System%\ntos.exe
%System%\number1.exe
%System%\opeia.exe
%System%\sdra64.exe
%System%\smlllx98.exe
%System%\spool.exe
%System%\spooler.exe
%System%\startmgr32.exe
%System%\systemsmtp.exe
%System%\twex.exe
%System%\winhelp.exe
%System%\wmdtc.exe
%Temp%\1.tmp\ere.exe
%Temp%\520dnf-gesoft\520dnf-gesoft\gesoft.exe
%Temp%\88321.exe
%Temp%\asadfg43rwaef.exe
%Temp%\clips01505.scr
%Temp%\ddoser3.6.exe
%Temp%\gvldbivq.exe
%Temp%\kafan virlist 2009.03.08\090308-2-0.exe
%Temp%\kg.exe
%Temp%\manual.exe
%Temp%\otygh.exe
%Temp%\piserver.exe
%Temp%\procexp1.exe
%Temp%\server.exe
%Temp%\services.exe
%Temp%\sis.exe
%Temp%\svchost.exe
%Temp%\update.exe
%Temp%\wdsr1.dll
%Temp%\wdtd1.dll
%Temp%\xjehx.exe
%Windir%\apocalyps32.exe
%Windir%\ctfmon.exe
%Windir%\divx32.dll
%Windir%\divxapi32.dll
%Windir%\ergerg.exe
%Windir%\iexplorer.exe
%Windir%\masterdevirus32.exe
%Windir%\msnh.exe
%Windir%\msnmessenger.exe
%Windir%\mstwain32.exe
%Windir%\msvcnu.exe
%Windir%\msvcnu32.exe
%Windir%\procexp.exe
%Windir%\superproxy.exe
%Windir%\utility.exe
%Windir%\web\iexpl0re.exe
%Windir%\winlogon.exe
%Windir%\winlogon1.exe
c:\0jpz.exe
c:\40.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.