ThreatExpert's Statistics for Mal/Behav-024 [Sophos]:

Mal/Behav-024 [Sophos] is also known as:

Threat Alias	Number of Incidents
Trojan-Downloader.Win32.Agent.bhmm [Kaspersky Lab]	32
Downloader [Symantec]	28
Trojan Horse [Symantec]	28
Rootkit.Agent [Ikarus]	26
Trojan-Downloader.Agent!sd6 [PC Tools]	18
Worm.Win32.Fujack.cc [Ikarus]	17
Trojan.Dropper [Symantec]	14
Trojan-PWS.Win32.QQPass [Ikarus]	12
Trojan:Win32/Agent.BM [Microsoft]	11
W32.SillyDC [Symantec]	11
Backdoor.Trojan [Symantec]	10
Worm:Win32/Emerleox.gen!A [Microsoft]	10
Generic BackDoor [McAfee]	9
Win-Trojan/Xema.variant [AhnLab]	9
Generic.dx [McAfee]	8
Trojan.Win32.Agent [Ikarus]	8
W32.Fujacks.E [Symantec]	8
W32.SillyFDC [Symantec]	8
BackDoor-DVF [McAfee]	7
Infostealer.Gampass [Symantec]	7
MalwareScope.Trojan-PWS.Game [Ikarus]	7
PE_FUJACKS.BZ-O [Trend Micro]	7
Trojan-Dropper.Delf [Ikarus]	7
W32/Fujacks.gen.a [McAfee]	7
Worm.Win32.AutoRun.sve [Kaspersky Lab]	7
Trojan.Crypt [Ikarus]	6
Trojan-Downloader.Win32.Small [Ikarus]	6
VirTool:Win32/DelfInject.gen!X [Microsoft]	6
Worm:Win32/Autorun.CY [Microsoft]	6
BackDoor-CKB [McAfee]	5
Generic PWS.y [McAfee]	5
PWS-Gamania [McAfee]	5
Trojan.Banker.Delf [Ikarus]	5
Virus.Win32.Atraps [Ikarus]	5
Win-Trojan/Hupigon.Gen [AhnLab]	5
Backdoor.Formador [Symantec]	4
Backdoor.Prosti.BH [PC Tools]	4
Backdoor.Win32.Hupigon.crch [Kaspersky Lab]	4
Backdoor.Win32.Prosti.bn [Kaspersky Lab]	4
BKDR_AGENT.ALD [Trend Micro]	4
Trojan.Small [Ikarus]	4
Trojan.Win32.Delf.dal [Kaspersky Lab]	4
Trojan.Win32.Delf.hva [Kaspersky Lab]	4
Trojan-Downloader.Win32.Murlo.azl [Kaspersky Lab]	4
Trojan-Dropper.Agent [Ikarus]	4
Trojan-PWS.Win32.OnLineGames [Ikarus]	4
VirTool.Win32.DelfInject [Ikarus]	4
Virus.Win32.Hacko [Ikarus]	4
Virus.Win32.PCAgent.S [Ikarus]	4
Win32.HLLP.WHBoy.Gen [PC Tools]	4
Win-Trojan/Hupigon.147968.G [AhnLab]	4
Backdoor.Graybird [Symantec]	3
Infostealer.Onlinegame [Symantec]	3
PE_FUJACKS.BY-O [Trend Micro]	3
PE_FUJACKS.IF-O [Trend Micro]	3
Trojan.DR.OnlineGames.Gen.83 [PC Tools]	3
Trojan-Spy.Win32.Agent.pn [Ikarus]	3
TrojanSpy:Win32/Hitpop.AE!dll [Microsoft]	3
Virus.Win32.Agent.PUP [Ikarus]	3
W32.Hitapop [Symantec]	3
W32/Autorun.worm.gen [McAfee]	3
Worm.Win32.AutoRun.eio [Kaspersky Lab]	3
Worm.Win32.AutoRun.lsd [Kaspersky Lab]	3
Worm.Win32.Fujack.ci [Kaspersky Lab]	3
Backdoor.Klj [Ikarus]	2
Backdoor.Win32.Popwin [Ikarus]	2
Backdoor:Win32/Small.D [Microsoft]	2
Downloader-BFO [McAfee]	2
Generic Downloader.x [McAfee]	2
Mal_Banker [Trend Micro]	2
PE_FUJACKS.HB-O [Trend Micro]	2
PWS:Win32/Lmir.E [Microsoft]	2
PWS:Win32/OnLineGames.ZDR [Microsoft]	2
PWS-OnlineGames.f [McAfee]	2
Spy-Agent.br.dll [McAfee]	2
Spy-Agent.k [McAfee]	2
Stayt.dll [McAfee]	2
TROJ_DELF.IVK [Trend Micro]	2
Trojan.Bankem [Symantec]	2
Trojan.Win32.Agent.buml [Kaspersky Lab]	2
Trojan.Win32.Delf.gim [Kaspersky Lab]	2
Trojan:Win32/SystemHijack.gen!C [Microsoft]	2
Trojan-Downloader.Win32.Banload [Ikarus]	2
Trojan-Downloader.Win32.Delf.pds [Kaspersky Lab]	2
Trojan-Proxy.Win32.Delf.AN [Ikarus]	2
Trojan-Spy.Delf [Ikarus]	2
Trojan-Spy.Win32.Goldun.bw [Kaspersky Lab]	2
Trojan-Spy.Win32.Pophot.bog [Kaspersky Lab]	2
TrojanSpy:Win32/Goldun.BW [Microsoft]	2
TSPY_AGENT.AI [Trend Micro]	2
TSPY_ONLINEG.QBP [Trend Micro]	2
Virus.Win32.Agent.UWD [Ikarus]	2
Virus.Win32.Viking [Ikarus]	2
Virus:Win32/Viking.JB [Microsoft]	2
W32.SillyWNSE [Symantec]	2
Win-Trojan/Hupigon.75783 [AhnLab]	2
Worm.AutoRun.GEN [PC Tools]	2
Worm.Win32.AutoRun.bms [Kaspersky Lab]	2
Worm.Win32.Fujack.aw [Kaspersky Lab]	2
Worm.Win32.Fujack.cf [Kaspersky Lab]	2

Mal/Behav-024 [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	58
	Brazil	39
	Japan	18
	Republic of Korea	3
	Ukraine	2
	United Kingdom	1

Mal/Behav-024 [Sophos] is known to be created as:

%CommonAppData%\%computername%\snhost.exe

%ProgramFiles%\internet explorer\signup\conime.exe

%ProgramFiles%\meex.exe

%System%\360safefix.dll

%System%\3800hk.dll

%System%\antieng.dll

%System%\avjcsrvx.exe

%System%\baidu.exe

%System%\bserver.dll

%System%\cache\syssafe.exe

%System%\cbak.exe

%System%\cltmon.exe

%System%\cool_gamesetup.exe.exe

%System%\drivers\spoclsv.exe

%System%\drivers\suchost.exe

%System%\drivers\svchosl.exe

%System%\drivers\txp1atform.exe

%System%\explorer.exe

%System%\extensionsk.exe

%System%\fordown.exe

%System%\icwutieinll.dll

%System%\ixerhq.exe

%System%\jksing.dll

%System%\kxuaqm.exe

%System%\local.dll

%System%\lofsdjbo.dll

%System%\microsoftcorporation.dll

%System%\mndhfdwd.dll

%System%\msn.exe

%System%\network.dll

%System%\nvsvc86.exe

%System%\qin58.exe

%System%\qq.dll

%System%\rejoice.dll

%System%\s.exe

%System%\servidor.exe

%System%\sizhu.exe

%System%\sorck.exe

%System%\spoclsv.exe

%System%\stormserver.dll

%System%\system64.exe

%System%\twain.dll

%System%\twain0.dll

%System%\vest.dll

%System%\vmdetdhc.exe

%System%\w32module.exe

%System%\weiai.exe

%System%\winsys32_070122.dll

%System%\winsys32_070123.dll

%System%\winwps32.dll

%Temp%\1045.exe

%Temp%\ixp000.tmp\02.exe

%Temp%\temp\server.exe

%Temp%\tt.exe

%Windir%\dcbdcatys32_080716a.dll

%Windir%\ntmssvc.dll

%Windir%\system32stopaor.exe

%Windir%\tttt.exe

%Windir%\winhost32.exe

%Windir%\xccdf32_080926a.dll

Notes:

%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.