Threat Search: 

ThreatExpert's Statistics for Mal/Behav-058 [Sophos]:

Mal/Behav-058 [Sophos] is also known as:
Threat AliasNumber of Incidents
Virus.Win32.Hupigon.AMD [Ikarus]62
VirTool:Win32/DelfInject.gen!L [Microsoft]61
Backdoor.Hupigon [PC Tools]16
Backdoor.Graybird [Symantec]15
BackDoor-AWQ.b [McAfee]15
Backdoor.Win32.Hupigon [Ikarus]12
VirTool:Win32/DelfInject.gen!X [Microsoft]12
Win-Trojan/Hupigon.Gen [AhnLab]12
Generic.dx!llk [McAfee]9
Spyware.Keylogger [Symantec]9
Backdoor.Trojan [Symantec]7
Backdoor.Win32.Hupigon.enkw [Kaspersky Lab]7
W32.SillyFDC [Symantec]7
BackDoor-AWQ.b.gen [McAfee]6
Spyware.Keylogger [PC Tools]6
W32.Versie.A [Symantec]5
Backdoor.Win32.Hupigon.drek [Kaspersky Lab]4
Backdoor.Win32.Hupigon.edai [Kaspersky Lab]4
Backdoor.Win32.Hupigon.epky [Kaspersky Lab]4
Backdoor.Win32.Hupigon.gmvf [Kaspersky Lab]4
Generic Dropper!qp [McAfee]4
New Malware.ix [McAfee]4
Suspicious.Graybird.1 [Symantec]4
Trojan-Dropper.Win32.Nail.dj [Kaspersky Lab]4
W32/Autorun.worm.zg [McAfee]4
Win-Trojan/Hupigon.710312 [AhnLab]4
Backdoor.Win32.Hupigon.dhxj [Kaspersky Lab]3
Backdoor:Win32/Hupigon.gen [Microsoft]3
BackDoor-AWQ.b.gen.i [McAfee]3
Downloader [Symantec]3
Generic BackDoor [McAfee]3
Generic PUP.x [McAfee]3
Trojan.Inject [PC Tools]3
Virus.Win32.Delf [Ikarus]3
W32/Autorun.worm.f [McAfee]3
W32/Hupigon.worm [McAfee]3
Backdoor.Hupigon.SNB [PC Tools]2
Backdoor.Win32.Delf.chq [Kaspersky Lab]2
Backdoor.Win32.Delf.ncl [Kaspersky Lab]2
Backdoor.Win32.Hupigon.axbs [Kaspersky Lab]2
Backdoor.Win32.Hupigon.brxk [Kaspersky Lab]2
Backdoor.Win32.Hupigon.cbjf [Kaspersky Lab]2
Backdoor.Win32.Hupigon.etcu [Kaspersky Lab]2
Backdoor.Win32.Hupigon.ewsk [Kaspersky Lab]2
Backdoor.Win32.Hupigon.fazr [Kaspersky Lab]2
Backdoor.Win32.Hupigon.fnut [Kaspersky Lab]2
Backdoor.Win32.Hupigon.jsrr [Kaspersky Lab]2
Backdoor:Win32/Hupigon.DD [Microsoft]2
BackDoor-AWQ.j [McAfee]2
BackDoor-EEL [McAfee]2
BKDR_HUPIGON.TON [Trend Micro]2
Dropper/Nail.468480 [AhnLab]2
Mal_MLWR-1 [Trend Micro]2
New Malware.an [McAfee]2
Spyware.Perfect [PC Tools]2
Spyware.Perfect [Symantec]2
Trojan.Win32.Inject.iif [Kaspersky Lab]2
Trojan.Win32.Inject.rqr [Kaspersky Lab]2
Trojan.Win32.Slefdel [Ikarus]2
Trojan-Dropper.Delf [Ikarus]2
Trojan-PWS.Win32.QQPass [Ikarus]2
W32.Fubalca.E [Symantec]2
Win-Trojan/GrayBird.666112.K [AhnLab]2
Win-Trojan/Graybird.709632 [AhnLab]2
Win-Trojan/Hupigon.702464.DW [AhnLab]2
Win-Trojan/Xema.variant [AhnLab]2
Backdoor.Delf.ATUO [PC Tools]1
Backdoor.Delf.CER [PC Tools]1
Backdoor.Graybird [PC Tools]1
Backdoor.Hupigon!sd6 [PC Tools]1
Backdoor.Hupigon.BJIH [PC Tools]1
Backdoor.Hupigon.BJVT [PC Tools]1
Backdoor.Hupigon.BPPV [PC Tools]1
Backdoor.Hupigon.BRDS [PC Tools]1
Backdoor.Hupigon.brxk [PC Tools]1
Backdoor.Hupigon.drek [PC Tools]1
Backdoor.Win32.Agent.zlc [Kaspersky Lab]1
Backdoor.Win32.Delf.qlv [Kaspersky Lab]1
Backdoor.Win32.Hupigon.bajf [Kaspersky Lab]1
Backdoor.Win32.Hupigon.bdmo [Kaspersky Lab]1
Backdoor.Win32.Hupigon.bdqk [Kaspersky Lab]1
Backdoor.Win32.Hupigon.bhes [Kaspersky Lab]1
Backdoor.Win32.Hupigon.bmpl [Kaspersky Lab]1
Backdoor.Win32.Hupigon.bsjm [Kaspersky Lab]1
Backdoor.Win32.Hupigon.btrm [Kaspersky Lab]1
Backdoor.Win32.Hupigon.bzx [Kaspersky Lab]1
Backdoor.Win32.Hupigon.crwu [Kaspersky Lab]1
Backdoor.Win32.Hupigon.cuje [Kaspersky Lab]1
Backdoor.Win32.Hupigon.dkfk [Kaspersky Lab]1
Backdoor.Win32.Hupigon.dlql [Kaspersky Lab]1
Backdoor.Win32.Hupigon.dlwk [Kaspersky Lab]1
Backdoor.Win32.Hupigon.dvti [Kaspersky Lab]1
Backdoor.Win32.Hupigon.dzse [Kaspersky Lab]1
Backdoor.Win32.Hupigon.egnq [Kaspersky Lab]1
Backdoor.Win32.Hupigon.eujj [Kaspersky Lab]1
Backdoor.Win32.Hupigon.fjut [Kaspersky Lab]1
Backdoor.Win32.Hupigon.frgn [Kaspersky Lab]1
Backdoor.Win32.Hupigon.gced [Kaspersky Lab]1
Backdoor.Win32.Hupigon.gobp [Kaspersky Lab]1
Backdoor.Win32.Hupigon.gspc [Kaspersky Lab]1

Mal/Behav-058 [Sophos] has the following possible countries of origin:
OriginNumber of Incidents
China83
Brazil1

Mal/Behav-058 [Sophos] is known to be created as:
%ProgramFiles%\_1.exe
%ProgramFiles%\_ck819.exe
%ProgramFiles%\_network.exe
%ProgramFiles%\_program.exe
%ProgramFiles%\_r889.exe
%ProgramFiles%\_rejoice2009.exe
%ProgramFiles%\_rejoice48.exe
%ProgramFiles%\_rejoice819.exe
%ProgramFiles%\_servicas.exe
%ProgramFiles%\_windowsxp.exe
%ProgramFiles%\_wxy.exe
%ProgramFiles%\common files\rising.exe
%ProgramFiles%\common files\temp\ierc.exe
%ProgramFiles%\netmeeting\wirwre.exe
%ProgramFiles%\program.exe
%ProgramFiles%\r_server\remoteabc.exe
%ProgramFiles%\remote\remote.exe
%ProgramFiles%\remotevc\removb.exe
%ProgramFiles%\servicas.exe
%ProgramFiles%\super network tunnel\tunnelclient.exe
%ProgramFiles%\super network tunnel\tunnelserver.exe
%ProgramFiles%\super network tunnel\tunnelserverservice.exe
%ProgramFiles%\tencent\qq\qqupdate.exe
%System%\_1.exe
%System%\_re082.exe
%System%\_rejoice082.exe
%System%\_server082.exe
%System%\1.exe
%System%\360rtyy.exe
%System%\cajia.exe
%System%\ddos.exe
%System%\expl0rer.exe
%System%\jgbwg.exe
%System%\re082.exe
%System%\sql_sece.exe
%System%\svchot.exe
%System%\system32.exe
%Temp%\ddoser-3.4_cracked\ddoser.exe
%Temp%\j_server.exe
%Temp%\kafan virlist 2009.03.05\090305-2-1.exe
%Temp%\kafan virlist 2009.03.31\090330-1-0.exe
%Temp%\kafan virlist 20090715\090714-10-4.exe
%Temp%\svcqt.exe
%Windir%\_windowvfenae.exe
%Windir%\client.exe
%Windir%\f_server.exe
%Windir%\h_server.exe
%Windir%\muma.exe
%Windir%\remoteabc.exe
%Windir%\se2008.exe
%Windir%\server.exe
%Windir%\server082.exe
c:\fdf.exe
c:\r889.exe
c:\rejoice082.exe
c:\rejoice2009.exe
c:\rejoice47.exe
c:\rejoice819.exe
c:\server082.exe
c:\server48.exe
c:\svchot.exe
c:\windows.exe
c:\wxy.exe
Notes:
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.