Threat Search: 

ThreatExpert's Statistics for Mal/Basine-C [Sophos]:

Mal/Basine-C [Sophos] is also known as:
Threat AliasNumber of Incidents
Email-Worm.Win32.Agent.bx [Kaspersky Lab]721
Trojan.Pandex [Symantec]672
Spy-Agent.bv [McAfee]662
Win32/Agent.worm.62464 [AhnLab]621
Email-Worm.Win32.Agent.bx [Ikarus]457
I-Worm.Wigon.Gen [PC Tools]455
Spammer:Win32/Talwadig.A [Microsoft]318
Spammer:Win32/Cutwail.gen!B [Microsoft]247
Backdoor.Trojan [Symantec]72
Trojan Horse [Symantec]66
Trojan.Adclicker [Symantec]65
Worm.Win32.AutoRun.aing [Kaspersky Lab]64
Trojan-Downloader.Win32.Delf [Ikarus]61
PWS:Win32/Cimuz.D [Microsoft]50
Backdoor.Win32.Bandok [Ikarus]49
BackDoor-CSN [McAfee]49
Backdoor.Win32.Bandok.av [Kaspersky Lab]48
W32/Autorun.worm!n [McAfee]48
Backdoor:Win32/Bandok [Microsoft]45
Backdoor.Bandok [PC Tools]44
Worm.Win32.AutoRun [Ikarus]44
New Malware.aj [McAfee]42
Dropper/Downloader.99449 [AhnLab]40
BackDoor-AWQ.svr.gen.a [McAfee]38
Virus.Win32.OnLineGames.AHK [Ikarus]37
Packed/Upack [AhnLab]36
Downloader [Symantec]35
Infostealer [Symantec]34
Suspicious.MH690 [Symantec]34
Backdoor.Graybird [Symantec]32
Trojan.Adclicker!sd6 [PC Tools]32
Generic.dx [McAfee]30
W32.Fiala.A [Symantec]28
Trojan:Win32/Ositki.A [Microsoft]24
Generic PWS.y [McAfee]22
Trojan-Dropper.Delf [Ikarus]22
PWS:Win32/Ldpinch.gen [Microsoft]21
Malware.Fiala [PC Tools]19
BKDR_BANDOK.AU [Trend Micro]18
Trojan.ATRAPS [Ikarus]18
Tcad-Crypted [McAfee]17
Trojan.Win32.FakeVimes [Ikarus]17
PWS-LDPinch [McAfee]16
Mal/WaledPak-D, Mal/Basine-C [Sophos]15
not-a-virus:FraudTool.Win32.Agent.aed [Kaspersky Lab]15
TrojanDownloader:Win32/Chksyn.gen!A [Microsoft]15
Backdoor.Win32.Kbot.aq [Ikarus]14
Trojan.DR.Dirat.Gen [PC Tools]14
Trojan.KillAV [Symantec]14
Trojan-PWS.Win32.LdPinch [Ikarus]14
Downloader.gen.a [McAfee]13
Trojan-PWS.LDPinch.1417 [Ikarus]13
VirusDoctor [Symantec]13
Worm.Win32.SillyShareCopy [Ikarus]13
Backdoor:Win32/Phdet.gen!A [Microsoft]12
Trojan.Win32.Ositki [Ikarus]12
Trojan-Downloader.Win32.Mutant.avx [Kaspersky Lab]12
Trojan-Dropper.Win32.Agent.arr [Kaspersky Lab]12
TSPY_PROAGENT.BK [Trend Micro]12
W32/Autorun.worm.gen [McAfee]12
HeurEngine.MaliciousPacker [PC Tools]11
Trojan.Progent [Symantec]11
Trojan-Downloader.Win32.Small [Ikarus]11
W32.Whacker.A [Symantec]11
Packed.Generic.264 [Symantec]10
TROJ_VIRANTIX.AJ [Trend Micro]10
Trojan.KillAV [PC Tools]10
Backdoor.IRCBot.WZO [PC Tools]9
Backdoor.Win32.IRCBot.bib [Kaspersky Lab]9
Backdoor:Win32/Sdbot [Microsoft]9
BehavesLikeWin32.ExplorerHijack [Ikarus]9
Infostealer.Ldpinch [Symantec]9
Trojan.Win32.Agent [Ikarus]9
Trojan-Downloader.Win32.Agent.azg [Kaspersky Lab]9
Trojan-Downloader.Win32.Banload [Ikarus]9
Trojan-Spy.Win32.ProAgent.P [Ikarus]9
W32/Sdbot.worm [McAfee]9
Win-Trojan/Agent.98304.S [AhnLab]9
Backdoor:Win32/Poisonivy.E [Microsoft]8
W32.SillyDC [Symantec]8
Generic BackDoor [McAfee]7
Worm.AutoRun.GEN [PC Tools]7
BKDR_NUCLEAR.AZ [Trend Micro]6
Downloader.Trojan [Symantec]6
Dropper/Agent.329878 [AhnLab]6
FakeAlert-EA [McAfee]6
Generic Downloader.x [McAfee]6
Generic Dropper.bu [McAfee]6
MalwareScope.Trojan-PWS.Pinch.1 [Ikarus]6
Packed.Win32.Krap.ah [Kaspersky Lab]6
Trojan.Crypt [Ikarus]6
Trojan.Delfinject.Gen.3 [PC Tools]6
Trojan.Fakeavalert [Symantec]6
Trojan.Midgare.EYZ [PC Tools]6
TrojanDownloader:Win32/Small [Microsoft]6
TrojanSpy.DR.ProAgent.AA.Gen [PC Tools]6
VirTool.Win32.DelfInject [Ikarus]6
Win-Trojan/Cosne.606218 [AhnLab]6
Win-Trojan/Horse.35048 [AhnLab]6
Backdoor.Win32.Hupigon.mmt [Kaspersky Lab]5

Mal/Basine-C [Sophos] has the following possible countries of origin:
OriginNumber of Incidents
China191
United Kingdom70
Russian Federation46
Brazil13
Turkey9
Sweden3
Germany2
New Zealand2
Netherlands1

Mal/Basine-C [Sophos] is known to be created as:
%AllUsersProfile%\application data.exe\desktop.ini.exe
%AllUsersProfile%\documents.exe\desktop.ini.exe
%AllUsersProfile%\documents.exe\my music.exe\desktop.ini.exe
%AllUsersProfile%\documents.exe\my pictures.exe\desktop.ini.exe
%AllUsersProfile%\documents.exe\my videos.exe\desktop.ini.exe
%AllUsersProfile%\drm.exe\drmv2.lic.exe
%AllUsersProfile%\drm.exe\drmv2.sst.exe
%AllUsersProfile%\start menu.exe\desktop.ini.exe
%AllUsersProfile%\start menu.exe\programs.exe\desktop.ini.exe
%AppData%\45.exe
%AppData%\gdipfontcachev1.dat.exe
%AppData%\iconcache.db.exe
%AppData%\microsoft\helpctr\helpsessionhistory.dat.exe
%AppData%\microsoft\windows media\9.0\wmsdkns.dtd.exe
%AppData%\microsoft\windows media\9.0\wmsdkns.xml.exe
%CommonAppData%\018e\fastav.exe
%CommonAppData%\03e1\fastav.exe
%CommonAppData%\2deb8\sm064.exe
%CommonAppData%\2deb8\vs064.exe
%CommonAppData%\2deb8\we064.exe
%CommonAppData%\2deb8\wi064.exe
%CommonAppData%\2deb8\wp064.exe
%CommonAppData%\2deb8\ws064.exe
%CommonAppData%\58ea\valarm.exe
%CommonAppData%\c5c3\vdoceca1.exe
%CommonAppData%\e4a12b7\lpe4a1.exe
%CommonAppData%\e4a12b7\mse4a1.exe
%CommonAppData%\e4a12b7\pcliveguard.exe
%CommonAppData%\e4a12b7\sae4a1.exe
%CommonAppData%\e4a12b7\wee4a1.exe
%CommonAppData%\e4a12b7\wie4a1.exe
%CommonAppData%\e4a12b7\winadguard.exe
%CommonAppData%\e4a12b7\winedefender.exe
%CommonAppData%\e4a12b7\wpe4a1.exe
%CommonFavorites%\netservice.exe
%Favorites%\desktop.ini.exe
%Favorites%\links\windows.url.exe
%Favorites%\msn.com.url.exe
%InternetCache%\desktop.ini.exe
%LocalSettings%\desktop.ini.exe
%LocalSettings%\history\desktop.ini.exe
%Profiles%\default user.exe\application data.exe\desktop.ini.exe
%Profiles%\default user.exe\cookies.exe\index.dat.exe
%Profiles%\default user.exe\local settings.exe\desktop.ini.exe
%Profiles%\default user.exe\sendto.exe\desktop.ini.exe
%Profiles%\default user.exe\start menu.exe\desktop.ini.exe
%Profiles%\default user.exe\templates.exe\amipro.sam.exe
%Profiles%\default user.exe\templates.exe\excel.xls.exe
%Profiles%\default user.exe\templates.exe\excel4.xls.exe
%Profiles%\default user.exe\templates.exe\lotus.wk4.exe
%Profiles%\default user.exe\templates.exe\powerpnt.ppt.exe
%Profiles%\default user.exe\templates.exe\presenta.shw.exe
%Profiles%\default user.exe\templates.exe\quattro.wb2.exe
%Profiles%\default user.exe\templates.exe\sndrec.wav.exe
%Profiles%\default user.exe\templates.exe\winword.doc.exe
%Profiles%\default user.exe\templates.exe\winword2.doc.exe
%Profiles%\default user.exe\templates.exe\wordpfct.wpd.exe
%Profiles%\default user.exe\templates.exe\wordpfct.wpg.exe
%Profiles%\localservice\local settings\desktop.ini.exe
%Profiles%\networkservice\local settings\desktop.ini.exe
%Profiles%\networkservice\ntuser.ini.exe
%ProgramFiles%\common files\cozim.exe
%ProgramFiles%\common files\rtry.exe
%ProgramFiles%\iemailer - email marketing\iemailer.exe
%ProgramFiles%\mesc.exe
%ProgramFiles%\mprby.exe
%ProgramFiles%\msds.exe
%ProgramFiles%\msfs.exe
%ProgramFiles%\mshs.exe
%ProgramFiles%\mssh.exe
%ProgramFiles%\mssi.exe
%ProgramFiles%\mssl.exe
%ProgramFiles%\msso.exe
%ProgramFiles%\msst.exe
%ProgramFiles%\mssy.exe
%ProgramFiles%\mssz.exe
%ProgramFiles%\netfilter\netfilter.exe
%ProgramFiles%\sochst.exe
%ProgramFiles%\sovhst.exe
%ProgramFiles%\spo0sv.exe
%ProgramFiles%\spovl.exe
%ProgramFiles%\svhst.exe
%ProgramFiles%\vschst.exe
%Programs%\startup\axtivex.exe
%Programs%\startup\soundsvol.exe
%Programs%\startup\usuario.exe
%System%\0914\setup707.exe
%System%\1028b.exe
%System%\1028f.exe
%System%\1028x.exe
%System%\1028z.exe
%System%\1033d.exe
%System%\1033f.exe
%System%\1033l.exe
%System%\1033x.exe
%System%\1054t.exe
%System%\12520850x.exe
%System%\12520850z.exe
%System%\3076j.exe
%System%\3076n.exe
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
  • %Favorites% is a variable that refers to the file system directory that serves as a common repository for the user's favorite items. A typical path is C:\Documents and Settings\[UserName]\Favorites.
  • %InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
  • %LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).