ThreatExpert's Statistics for Mal/Behav-043 [Sophos]:

Mal/Behav-043 [Sophos] is also known as:

Threat Alias	Number of Incidents
Trojan.Win32.CDur [Ikarus]	37
Backdoor.Win32.Hupigon [Ikarus]	33
Generic Dropper.bn [McAfee]	28
Trojan Horse [Symantec]	28
Backdoor:Win32/Poison.Y [Microsoft]	27
Backdoor.Graybird [Symantec]	26
W32.SillyFDC [Symantec]	23
Win-Trojan/Xema.variant [AhnLab]	23
Backdoor:Win32/Hupigon [Microsoft]	19
Suspicious.MH690 [Symantec]	19
Gen.Trojan [Ikarus]	17
Infostealer [Symantec]	17
Backdoor.Hupigon.BJVL [PC Tools]	16
BackDoor-AWQ.svr.gen.e [McAfee]	16
TROJ_SHEUR.AOG [Trend Micro]	16
Win-Trojan/Hupigon.505344.D [AhnLab]	15
Generic.dx [McAfee]	12
VirTool:Win32/CeeInject.gen!J [Microsoft]	12
Trojan.Win32.CDur.fc [Kaspersky Lab]	11
VirTool.Win32.CeeInject [Ikarus]	11
Backdoor.Win32.Bifrose.afqy [Kaspersky Lab]	10
W32/YahLover.worm.gen [McAfee]	10
Worm.Win32.VB.cj [Ikarus]	10
Backdoor.Win32.Hupigon.bmda [Kaspersky Lab]	9
Backdoor:Win32/Hupigon.gen!B [Microsoft]	9
Backdoor.Win32.Hupigon.mhp [Kaspersky Lab]	8
Downloader [Symantec]	8
Generic VB.b [McAfee]	8
PWS:Win32/Zbot.gen!R [Microsoft]	8
Trojan:Win32/Iniriror.A [Microsoft]	8
Trojan-Downloader.Win32.Banload [Ikarus]	8
Trojan-Dropper.Delf [Ikarus]	8
BackDoor-AWQ [McAfee]	7
Packed.Generic.265 [Symantec]	7
Possible_Virus [Trend Micro]	6
Trojan.Generic [PC Tools]	6
Worm.Win32.VB [Ikarus]	6
Worm.Win32.VB.ki [Kaspersky Lab]	6
Backdoor.Bifrose [Symantec]	5
Infostealer.Bancos [Symantec]	5
W32/Autorun.worm.ch [McAfee]	5
Worm.VB.DTSH [PC Tools]	5
Worm:Win32/VB.AQ [Microsoft]	5
Backdoor:Win32/Bifrose.EY [Microsoft]	4
Generic BackDoor [McAfee]	4
Generic Downloader.x [McAfee]	4
HeurEngine.MaliciousPacker [PC Tools]	4
Mudgare [McAfee]	4
New Malware.ix [McAfee]	4
Trojan.BAT.Agent.fo [Kaspersky Lab]	4
Trojan.Win32.Midgare [Ikarus]	4
Trojan-Banker.Win32.Banker.agh [Kaspersky Lab]	4
Trojan-Downloader.Win32.Delf [Ikarus]	4
VirTool:Win32/Injector.gen!AG [Microsoft]	4
W32.Dranyam [Symantec]	4
Win32/Xema.worm.200704.E [AhnLab]	4
Win-Trojan/Autorun.233472 [AhnLab]	4
Worm.AutoRun.ANY [PC Tools]	4
Worm.Win32.AutoRun.cke [Kaspersky Lab]	4
Worm.Win32.VB.hm [Kaspersky Lab]	4
Worm.Win32.VB.pj [Kaspersky Lab]	4
Worm:Win32/Dranyam.A [Microsoft]	4
WORM_AUTORUN.GB [Trend Micro]	4
WORM_VB.GAL [Trend Micro]	4
Backdoor.Win32.Hupigon.bmde [Kaspersky Lab]	3
Backdoor.Win32.Hupigon.bmfk [Kaspersky Lab]	3
Backdoor.Win32.Hupigon.nqr [Kaspersky Lab]	3
Backdoor:Win32/Hostil.F [Microsoft]	3
Downloader-BZG [McAfee]	3
Mal_Banker [Trend Micro]	3
New Malware.bl [McAfee]	3
PWS:Win32/Hupigon.gen!F [Microsoft]	3
Trojan.Crypt [Ikarus]	3
Trojan.Dropper [Symantec]	3
Trojan.KillAV [Symantec]	3
Trojan.Win32.CDur.xm [Kaspersky Lab]	3
Trojan.Win32.Delf.ffl [Kaspersky Lab]	3
Trojan.Win32.Sasfis.ttz [Kaspersky Lab]	3
Trojan.Win32.StartPage.alo [Kaspersky Lab]	3
Trojan.Win32.Vilsel.dey [Kaspersky Lab]	3
Trojan:Win32/Malagent [Microsoft]	3
Trojan:Win32/Midgare.A [Microsoft]	3
Trojan-Downloader.Win32.Banload.ajii [Kaspersky Lab]	3
TrojanDropper:Win32/Hupigon.gen!A [Microsoft]	3
Virus.Win32.IndoVirus.a [Ikarus]	3
W32.SillyDC [Symantec]	3
W32/Autorun.worm.aan [McAfee]	3
W32/Autorun.worm.bl [McAfee]	3
W32/Generic.Delphi.b [McAfee]	3
Win-Trojan/Bifrose.72655 [AhnLab]	3
Worm.Win32.Emerleox [Ikarus]	3
Worm:Win32/Autorun.gen!BA [Microsoft]	3
Worm:Win32/Emerleox.gen!A [Microsoft]	3
Worm:Win32/Indopit.A [Microsoft]	3
Worm:Win32/Mevon.A [Microsoft]	3
Backdoor.Bifrose!sd6 [PC Tools]	2
Backdoor.Hupigon [Ikarus]	2
Backdoor.Trojan [Symantec]	2
Backdoor.Win32.Hupigon.dsxf [Kaspersky Lab]	2
Backdoor.Win32.Hupigon.gvyy [Kaspersky Lab]	2

Mal/Behav-043 [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	123
	Brazil	26
	Russian Federation	9
	Algeria	3
	Indonesia	3
	Croatia	2
	Hungary	2
	Spain	2
	Sweden	2
	France	1
	Iran	1
	Israel	1
	United Kingdom	1

Mal/Behav-043 [Sophos] is known to be created as:

%AllUsersProfile%\desktop.exe

%AllUsersProfile%\documents.exe

%AllUsersProfile%\drm.exe

%AllUsersProfile%\favorites.exe

%AllUsersProfile%\templates.exe

%AppData%\services.exe

%AppData%\start\update.exe

%AppData%\winlogon.exe

%CommonAppData%\microsoft.exe

%CommonAppData%\microsoft\crypto.exe

%CommonAppData%\microsoft\crypto\dss.exe

%CommonAppData%\microsoft\crypto\dss\machinekeys.exe

%CommonAppData%\microsoft\crypto\rsa.exe

%CommonAppData%\microsoft\crypto\rsa\machinekeys.exe

%CommonAppData%\microsoft\crypto\rsa\s-1-5-18.exe

%CommonAppData%\microsoft\network.exe

%CommonAppData%\microsoft\network\connections.exe

%CommonAppData%\microsoft\network\connections\cm.exe

%CommonAppData%\microsoft\network\connections\pbk.exe

%CommonAppData%\vmware.exe

%CommonAppData%\wmimgmt.exe

%CommonDesktopDir%\desktop.exe

%CommonDocuments%\my music\sample playlists\00090beb.exe

%CommonFavorites%\smu.exe

%CommonPrograms%\accessories.exe

%CommonPrograms%\accessories\accessibility.exe

%CommonPrograms%\accessories\communications.exe

%CommonPrograms%\accessories\entertainment.exe

%CommonPrograms%\programs.exe

%CommonPrograms%\startup.exe

%CommonPrograms%\startup\crashreport.exe

%CommonPrograms%\startup\ctfm0n.exe

%CommonPrograms%\startup\systemil2.exe

%CommonStartMenu%\programs.exe

%FontsDir%\fonts.exe

%FontsDir%\tskmgr.exe

%MyDocuments%\photo.jpg.exe

%MyDocuments%\prisonbreak.jpg.exe

%MyDocuments%\skofilde.jpg.exe

%Profiles%\default user\application data\microsoft.exe

%Profiles%\default user\cookies.exe

%Profiles%\default user\desktop.exe

%Profiles%\default user\favorites.exe

%Profiles%\default user\local settings\history.exe

%Profiles%\default user\local settings\history\history.ie5.exe

%Profiles%\default user\local settings\temp.exe

%Profiles%\default user\nethood.exe

%Profiles%\default user\printhood.exe

%Profiles%\default user\recent.exe

%Profiles%\default user\sendto.exe

%Profiles%\default user\start menu\programs.exe

%Profiles%\default user\start menu\programs\accessories.exe

%Profiles%\default user\start menu\programs\startup.exe

%Profiles%\default user\templates.exe

%Profiles%\localservice\application data\flexiblesoft.exe

%Profiles%\localservice\application data\microsoft.exe

%Profiles%\localservice\cookies.exe

%Profiles%\localservice\local settings\history.exe

%Profiles%\localservice\local settings\history\history.ie5.exe

%Profiles%\localservice\local settings\temp.exe

%Profiles%\photo\photo1.exe

%Profiles%\win1.exe

%ProgramFiles%\adober5\photshop.exe

%ProgramFiles%\asder\asd.com.cn.exe

%ProgramFiles%\bifeg\dg.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\eset\egui.exe

%ProgramFiles%\hgzserver\shuibai8.exe

%ProgramFiles%\tencent\rxtf0814.exe

%ProgramFiles%\travian\travian.exe

%ProgramFiles%\win32a\win32a.exe

%ProgramFiles%\winword.exe

%Programs%\startup\1sass.exe

%Programs%\startup\crashreport.exe

%Programs%\startup\vis16.exe

%System%\1.exe

%System%\360safe.exe

%System%\bifrost\server.exe

%System%\deter177\lsass.exe

%System%\deter177\smss.exe

%System%\dllcache\default.exe

%System%\dllcache\global.exe

%System%\dllcache\svchost.exe

%System%\down.exe

%System%\drivers\drivers.cab.exe

%System%\drivers\etc.exe

%System%\dxgdialog.exe

%System%\explorer.exe

%System%\fake.exe

%System%\hdcu.exe

%System%\hostdll.exe

%System%\iexplore.exe

%System%\isxa.exe

%System%\javasc.exe

%System%\krent.exe

%System%\link.exe

%System%\msdll.exe

%System%\pchealth.exe

%System%\qqpet\qqpet\qqpetagent.exe

%System%\recycler.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%CommonStartMenu% is a variable that refers to the file system directory that contains the programs and folders that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).