Threat Search: 

ThreatExpert's Statistics for Infostealer.Gampass [Symantec]:

Infostealer.Gampass [Symantec] is also known as:
Threat AliasNumber of Incidents
Trojan-Spy.Gampass!sd6 [PC Tools]66,168
Generic.Onlinegames [Ikarus]36,449
Trojan-GameThief.Win32.Magania [Ikarus]34,590
Generic Dropper.eb [McAfee]34,540
PWS-OnlineGames.ek [McAfee]33,673
PWS-Mmorpg.gen [McAfee]30,331
Generic.PWS.Games [Ikarus]29,850
Trojan-PWS.Win32.LdPinch [Ikarus]29,011
Troj/PWS-BCC [Sophos]28,649
Troj/Lineag-BG [Sophos]22,159
Mal/Behav-116 [Sophos]21,031
Troj/PWS-AZJ [Sophos]11,670
Mal/Generic-A [Sophos]11,358
Worm.Win32.Downloader.acp [Kaspersky Lab]8,757
Trojan-GameThief.Win32.WOW [Ikarus]7,489
Trojan-GameThief.Win32.Magania.bvpp [Kaspersky Lab]7,452
Win-Trojan/OnlineGameHack.18944.EA [AhnLab]7,452
PWS-LDPinch [McAfee]7,141
Mal/PWS-W [Sophos]6,740
Troj/LdPinch-SE [Sophos]6,595
Trojan-GameThief.Win32.Magania.bfrp [Kaspersky Lab]6,304
Mal/Inet-Fam [Sophos]6,002
Trojan-GameThief.Win32.Magania.axfh [Kaspersky Lab]4,750
Mal/PWS-W, Mal/Gampass-B [Sophos]4,180
Trojan-PSW.Win32.LdPinch.grr [Kaspersky Lab]4,036
Mal/Emogen-R [Sophos]3,947
TSPY_ONLINEG.FSD [Trend Micro]3,480
Trojan-GameThief.Magania.bafc [PC Tools]3,424
Trojan-PSW.Win32.LdPinch.afcm [Kaspersky Lab]3,325
Mal/RootKit-A [Sophos]3,294
Mal_OLGM-6 [Trend Micro]3,055
Trojan-PWS.OnlineGames [PC Tools]3,027
Worm.Win32.Downloader.acl [Kaspersky Lab]2,982
Trojan.OnlineGames.Gen.45 [PC Tools]2,962
PWS-Gamania.dll [McAfee]2,898
Trojan-Spy.Gampass [PC Tools]2,703
Win-Trojan/OnlineGameHack.23883.M [AhnLab]2,695
Trojan-GameThief.Win32.Magania.ayxo [Kaspersky Lab]2,474
New Malware.aj [McAfee]2,471
Worm.Win32.Downloader.zx [Kaspersky Lab]2,454
Mal/Gampass-B [Sophos]2,425
Trojan-PSW.Win32.QQPass.glm [Kaspersky Lab]2,421
Trojan-GameThief.Win32.Magania.cbrt [Kaspersky Lab]2,394
Mal/Mdrop-Fam [Sophos]2,356
Mal/EncPk-EW [Sophos]2,289
Generic PWS.y [McAfee]2,261
Trojan-GameThief.Win32.Magania.axbp [Kaspersky Lab]2,227
Win-Trojan/OnlineGameHack.23552.CI [AhnLab]2,166
Trojan-PSW.Win32.LdPinch.aeof [Kaspersky Lab]2,115
Trojan-PWS.OnlineGames.ADRD [PC Tools]2,051
Win-Trojan/LdPinch.23150.F [AhnLab]2,030
Win-Trojan/OnlineGameHack.14423 [AhnLab]1,978
Mal/WOWPWS-B [Sophos]1,965
Trojan-PSW.Win32.LdPinch.aenn [Kaspersky Lab]1,957
Worm.Win32.Downloader.ada [Kaspersky Lab]1,940
Worm.Win32.Downloader.abv [Kaspersky Lab]1,913
Trojan-GameThief.Win32.OnLineGames [Ikarus]1,898
Generic.dx [McAfee]1,872
Trojan-GameThief.Win32.Magania.axea [Kaspersky Lab]1,849
Trojan-GameThief.Win32.Magania.axfn [Kaspersky Lab]1,849
Trojan-GameThief.Win32.Magania.axbt [Kaspersky Lab]1,840
Trojan-PSW.Win32.LdPinch.afea [Kaspersky Lab]1,784
Trojan-GameThief.Win32.Magania.axbu [Kaspersky Lab]1,766
Trojan-GameThief.Win32.Magania.axes [Kaspersky Lab]1,764
Trojan-GameThief.Win32.Magania.axet [Kaspersky Lab]1,764
Win-Trojan/LdPinch.24177 [AhnLab]1,764
Win-Trojan/LdPinch.9956 [AhnLab]1,764
Win-Trojan/OnlineGameHack.14929 [AhnLab]1,764
PWS:Win32/OnLineGames.AF [Microsoft]1,748
Trojan-GameThief.Win32.Magania.axbr [Kaspersky Lab]1,735
Trojan-GameThief.Win32.Magania.axbn [Kaspersky Lab]1,714
Win-Trojan/Magania.18521 [AhnLab]1,696
Trojan-GameThief.Win32.Magania.bfsl [Kaspersky Lab]1,692
Trojan-PSW.Win32.LdPinch.aeoc [Kaspersky Lab]1,680
Trojan-PSW.Win32.LdPinch.afvp [Kaspersky Lab]1,667
Trojan-GameThief.Win32.Magania.bfwc [Kaspersky Lab]1,660
Win-Trojan/OnlineGameHack.22133 [AhnLab]1,651
Win-Trojan/Magania.27252 [AhnLab]1,643
Trojan-PSW.Gampass [PC Tools]1,617
Win-Trojan/OnlineGameHack.17999.D [AhnLab]1,592
Trojan-GameThief.Win32.OnLineGames.bmnz [Kaspersky Lab]1,531
PWS-OnlineGames.ei [McAfee]1,523
Trojan-GameThief.Win32.Magania.axgh [Kaspersky Lab]1,482
New Malware.n [McAfee]1,454
Generic!atr [McAfee]1,406
Trojan-GameThief.Win32.WOW.gyq [Kaspersky Lab]1,406
Packed/Upack [PC Tools]1,402
Trojan-GameThief.Win32.Magania.bful [Kaspersky Lab]1,368
Trojan-GameThief.Win32.Magania.gen [Kaspersky Lab]1,354
Trojan-GameThief.Win32.Magania.cedk [Kaspersky Lab]1,323
Win-Trojan/Magania.24672 [AhnLab]1,317
PWS:Win32/OnLineGames.NJ!sys [Microsoft]1,298
Trojan-GameThief.Win32.Magania.awcg [Kaspersky Lab]1,261
Win-Trojan/Magania.23690 [AhnLab]1,250
Win-Trojan/OnlineGameHack.16972.D [AhnLab]1,250
Trojan-GameThief.Win32.Magania.bouf [Kaspersky Lab]1,239
Trojan-GameThief.Win32.OnLineGames.bmnx [Kaspersky Lab]1,198
Trojan-Dropper.Win32.Agent.ayqa [Kaspersky Lab]1,163
Win-Trojan/OnlineGameHack.18530 [AhnLab]1,157
Trojan-GameThief.Win32.Magania.biht [Kaspersky Lab]1,156

Infostealer.Gampass [Symantec] has the following possible countries of origin:
OriginNumber of Incidents
China94,606
Russian Federation102
Brazil90
United Kingdom56
Australia29
Germany29
Portugal20
Japan19
Belgium14
Sweden13
France12
Ukraine10
Spain9
Italy5
Netherlands5
Saudi Arabia5
Switzerland5
Taiwan5
Canada4
Iran4
Israel4
Republic of Korea4
Turkey3
Denmark2
Poland2
Slovakia2
Hungary1
Indonesia1
Latvia1
Morocco1
Norway1

Infostealer.Gampass [Symantec] is known to be created as:
%AllUsersProfile%\tghjgoo\17.exe
%AppData%\adobe\manager.exe
%AppData%\gymspzd.dll
%AppData%\key folder\sql2005.dll
%AppData%\spy9.dll
%AppData%\t1.dll
%CommonAppData%\kkkyo.exe
%CommonDocuments%\settings\ivn4.dll
%CommonDocuments%\settings\partnership.dll
%CommonFavorites%\azykgdpn.exe
%CommonFavorites%\betmgqkq.exe
%CommonFavorites%\cvudgfjf.exe
%CommonFavorites%\emddvury.exe
%CommonFavorites%\epfxfkkd.exe
%CommonFavorites%\estaaoqt.exe
%CommonFavorites%\fcoineab.exe
%CommonFavorites%\ghcgbuml.exe
%CommonFavorites%\hfmxd.exe
%CommonFavorites%\iiccpbbq.exe
%CommonFavorites%\imhceukc.exe
%CommonFavorites%\llltzmhw.exe
%CommonFavorites%\netservice.exe
%CommonFavorites%\sfaqkvxu.exe
%CommonFavorites%\tvwwowuu.exe
%CommonFavorites%\ugfcatwc.exe
%CommonFavorites%\uwycemop.exe
%CommonFavorites%\wbnxmklx.exe
%CommonFavorites%\winmxd.exe
%CommonFavorites%\zanwormh.exe
%CommonPrograms%\startup\1.exe
%CommonPrograms%\startup\adobe.exe
%CommonPrograms%\startup\igfxtray.exe
%CommonPrograms%\startup\msn_mss.exe
%CommonPrograms%\startup\msnmsg.scr
%CommonPrograms%\startup\msnmsgr.exe
%CommonPrograms%\startup\oxfirewall.exe
%CommonPrograms%\startup\qq.exe
%CommonPrograms%\startup\winsys3.exe
%DownloadedProgramFiles%\bcy8h.dll
%DownloadedProgramFiles%\d0j1q3kh.dll
%DownloadedProgramFiles%\n35.dll
%DownloadedProgramFiles%\nei3l8cc.dll
%DownloadedProgramFiles%\tkkku9.dll
%DownloadedProgramFiles%\ummu.dll
%FontsDir%\360eaec0.exe
%FontsDir%\ashwpnlm.dll
%FontsDir%\asnfjugs.dll
%FontsDir%\avwgimn.dll
%FontsDir%\avwgist.exe
%FontsDir%\avwgjmn.dll
%FontsDir%\avwljmn.dll
%FontsDir%\avwljst.exe
%FontsDir%\avwlkmn.dll
%FontsDir%\avwlkst.exe
%FontsDir%\avzxnmn.dll
%FontsDir%\avzxnst.exe
%FontsDir%\avzxomn.dll
%FontsDir%\avzxost.exe
%FontsDir%\behtlpeq.dll
%FontsDir%\bnktnwgr.dll
%FontsDir%\bpvsyvmm.dll
%FontsDir%\ceqhtkfq.dll
%FontsDir%\cipwhvkm.dll
%FontsDir%\codoor0.dll
%FontsDir%\comres.dll
%FontsDir%\comress.dll
%FontsDir%\comso.dll
%FontsDir%\ctmres.dll
%FontsDir%\cwbuebpe.dll
%FontsDir%\czccupfq.dll
%FontsDir%\diexgjjb.dll
%FontsDir%\duasouzt.dll
%FontsDir%\dvrtqwtn.dll
%FontsDir%\dxqmietn.dll
%FontsDir%\ecdzrygl.dll
%FontsDir%\emxpapuf.dll
%FontsDir%\etdpsoey.dll
%FontsDir%\ffgcksfr.dll
%FontsDir%\fnogezay.dll
%FontsDir%\gjcsdyc.dll
%FontsDir%\gjcsdzc.exe
%FontsDir%\gjfhbyc.dll
%FontsDir%\gjfhbzc.exe
%FontsDir%\gjkbixfn.dll
%FontsDir%\gjrchvjs.dll
%FontsDir%\gjtmbyc.dll
%FontsDir%\gjtmbzc.exe
%FontsDir%\gllgnujl.dll
%FontsDir%\grtlocxy.dll
%FontsDir%\hchftrkv.dll
%FontsDir%\hejuhkni.dll
%FontsDir%\hf0215.dll
%FontsDir%\hktogppr.dll
%FontsDir%\hrdjjtsi.dll
%FontsDir%\hwbzvglg.dll
%FontsDir%\idkcvlin.dll
%FontsDir%\inflsrhv.dll
%FontsDir%\iprckpmq.dll
%FontsDir%\itlrwojp.dll
%FontsDir%\izkvtzvc.dll
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
  • %CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %DownloadedProgramFiles% is a variable that refers to the file system directory containing downloaded program files. A typical path is C:\Windows\Downloaded Program Files.
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.