Threat Search: 

ThreatExpert's Statistics for Mal/Behav-116 [Sophos]:

Mal/Behav-116 [Sophos] is also known as:
Threat AliasNumber of Incidents
Infostealer.Gampass [Symantec]21,031
Trojan-Spy.Gampass!sd6 [PC Tools]11,012
Trojan-PWS.Win32.LdPinch [Ikarus]9,393
Generic.Onlinegames [Ikarus]7,653
PWS-LDPinch [McAfee]7,125
PWS-Mmorpg.gen [McAfee]5,507
Trojan-GameThief.Win32.Magania.axfh [Kaspersky Lab]4,747
Trojan-PSW.Win32.LdPinch.grr [Kaspersky Lab]4,036
Trojan-GameThief.Win32.Magania [Ikarus]3,433
Trojan-PSW.Win32.LdPinch.aeof [Kaspersky Lab]2,115
Win-Trojan/LdPinch.23150.F [AhnLab]2,030
Trojan-PSW.Win32.LdPinch.aenn [Kaspersky Lab]1,956
Trojan-GameThief.Win32.Magania.axea [Kaspersky Lab]1,849
Trojan-GameThief.Win32.Magania.axes [Kaspersky Lab]1,764
Win-Trojan/LdPinch.24177 [AhnLab]1,764
Trojan-PSW.Win32.LdPinch.aeoc [Kaspersky Lab]1,680
Win-Trojan/OnlineGameHack.22133 [AhnLab]1,651
Trojan-GameThief.Win32.Magania.awcg [Kaspersky Lab]1,338
Trojan-PWS.Magania.AMTN [PC Tools]351
Trojan-GameThief.Win32.Magania.awch [Kaspersky Lab]258
Win-Trojan/OnlineGameHack.20606 [AhnLab]235
Trojan-PSW.Win32.LdPinch.aepl [Kaspersky Lab]229
Generic Dropper.eb [McAfee]187
Win-Trojan/OnlineGameHack.20588 [AhnLab]173
Win-Trojan/OnlineGameHack.21598.D [AhnLab]171
Win-Trojan/OnlineGameHack.22131.C [AhnLab]168
Win-Trojan/OnlineGameHack.20094 [AhnLab]154
Win-Trojan/OnlineGameHack.23714.B [AhnLab]149
Dropper/OnlineGameHack.23682.B [AhnLab]147
Dropper/OnlineGameHack.23714 [AhnLab]126
Win-Trojan/LdPinch.23651.B [AhnLab]100
Dropper/OnlineGameHack.13875 [AhnLab]95
Trojan-GameThief.Win32.Magania.avps [Kaspersky Lab]78
Trojan-GameThief.Win32.Magania.avxe [Kaspersky Lab]62
Trojan-GameThief.Win32.Magania.avvn [Kaspersky Lab]60
Win-Trojan/OnlineGameHack.22642 [AhnLab]57
Dropper/OnlineGameHack.15289.D [AhnLab]56
Win-Trojan/OnlineGameHack.23148.B [AhnLab]56
Trojan.Win32.SystemHijack [Ikarus]55
Trojan-GameThief.Win32.Magania.awzg [Kaspersky Lab]49
Dropper/OnlineGameHack.23168 [AhnLab]44
Trojan-GameThief.Win32.Magania.avlo [Kaspersky Lab]44
Trojan-Dropper.Win32.Agent.ahgk [Kaspersky Lab]43
Trojan-GameThief.Win32.Magania.awyg [Kaspersky Lab]40
Win-Trojan/OnlineGameHack.20578 [AhnLab]39
Trojan-GameThief.Win32.Magania.awqw [Kaspersky Lab]37
Trojan-GameThief.Win32.Magania.avvs [Kaspersky Lab]36
Trojan-Downloader.Win32.Agent.bisq [Kaspersky Lab]35
Win-Trojan/OnlineGameHack.23678 [AhnLab]35
Trojan-GameThief.Win32.Magania.avqs [Kaspersky Lab]30
Trojan-GameThief.Win32.Magania.avto [Kaspersky Lab]30
Trojan-PSW.Win32.LdPinch.aepo [Kaspersky Lab]30
Dropper/OnlineGameHack.15290 [AhnLab]26
Infostealer [Symantec]25
Win-Trojan/OnlineGameHack.22646.D [AhnLab]25
Win-Trojan/OnlineGameHack.23188.B [AhnLab]25
Downloader [Symantec]20
Trojan-GameThief.Win32.Magania.avvr [Kaspersky Lab]20
Dropper/OnlineGameHack.Gen [AhnLab]19
Win-Trojan/OnlineGameHack.22120.C [AhnLab]19
Win-Trojan/OnlineGameHack.24183 [AhnLab]16
Generic.dx [McAfee]13
Dropper/OnlineGameHack.15288.B [AhnLab]12
Dropper/OnlineGameHack.23164 [AhnLab]12
Trojan Horse [Symantec]12
Trojan-Dropper.Win32.Agent.ahdu [Kaspersky Lab]12
Trojan-Dropper.Agent!sd6 [PC Tools]11
Trojan-GameThief.Win32.Magania.amvt [Kaspersky Lab]10
Win-Trojan/LdPinch.22641 [AhnLab]10
New Malware.aj [McAfee]9
Win-Trojan/LdPinch.23661 [AhnLab]9
Dropper/OnlineGameHack.22664 [AhnLab]8
Dropper/OnlineGameHack.24188 [AhnLab]8
PWS.Win32.OnLineGames [Ikarus]8
Trojan-GameThief.Win32.Magania.axfd [Kaspersky Lab]8
Dropper/OnlineGameHack.21662 [AhnLab]7
Trojan.Win32.Agent [Ikarus]7
Trojan-Dropper.Agent [Ikarus]7
Win32.SuspectCrc [Ikarus]7
Dropper/OnlineGameHack.15289.C [AhnLab]6
Trojan-GameThief.Win32.Magania.anbr [Kaspersky Lab]6
Trojan-GameThief.Win32.Magania.avrp [Kaspersky Lab]6
Trojan-PSW.Win32.LdPinch.aeoe [Kaspersky Lab]6
Win-Trojan/LdPinch.23668 [AhnLab]6
Win-Trojan/Magania.11022 [AhnLab]6
Win-Trojan/OnlineGameHack.23188 [AhnLab]6
Backdoor.Bifrose [Symantec]5
Dropper/Agent.13850 [AhnLab]5
Dropper/Agent.20921 [AhnLab]5
TrojanDropper:Win32/Otlard.A [Microsoft]5
Trojan-PSW.Win32.LdPinch.aepe [Kaspersky Lab]5
Virus.Win32.Agent.BQC [Ikarus]5
Win-Trojan/LdPinch.24190 [AhnLab]5
Win-Trojan/Magania.23671 [AhnLab]5
Win-Trojan/OnlineGameHack.24190.B [AhnLab]5
Win-Trojan/Xema.variant [AhnLab]5
Backdoor:WinNT/Farfli.E!sys [Microsoft]4
Generic.PWS.Games [Ikarus]4
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]4
Possible_Virus [Trend Micro]4

Mal/Behav-116 [Sophos] has the following possible countries of origin:
OriginNumber of Incidents
China21,317
Republic of Korea11
Russian Federation4
Hungary1
Italy1
Poland1

Mal/Behav-116 [Sophos] is known to be created as:
%AppData%\adobe\manager.exe
%ProgramFiles%\microsoft frontpage\oqsrt.exe
%ProgramFiles%\movie maker\utvxw.exe
%ProgramFiles%\msn gaming zone\ilkmonpo.exe
%ProgramFiles%\sideplus\sideplusun.exe
%ProgramFiles%\unroll\unrollun.exe
%ProgramFiles%\web publish\gihkmlnp.exe
%System%\logger\alrsvc.exe
%System%\msr.exe
%System%\msrmng.exe
%System%\stormser.exe
%System%\svcernea.exe
%System%\ttployer.exe
%System%\winsvc\svc\google.exe
%Temp%\10.0.30.125-31aug\winupdate.exe
%Temp%\10.0.31.105\winupdate.exe
%Temp%\5\090312-5-3.exe
%Temp%\5\090312-5-4.exe
%Temp%\5\090312-5-5.exe
%Temp%\6\090312-6-1.exe
%Temp%\a\090312-a-0.exe
%Temp%\a\090312-a-1.exe
%Temp%\a\090312-a-16.exe
%Temp%\a\090312-a-2.exe
%Temp%\a\090312-a-20.exe
%Temp%\a\090312-a-21.exe
%Temp%\a\090312-a-22.exe
%Temp%\a\090312-a-24.exe
%Temp%\a\090312-a-27.exe
%Temp%\a\090312-a-3.exe
%Temp%\a\090312-a-32.exe
%Temp%\a\090312-a-34.exe
%Temp%\a\090312-a-37.exe
%Temp%\a\090312-a-5.exe
%Temp%\al412.exe
%Temp%\axm2be6.exe
%Temp%\bjoi1.exe
%Temp%\c0dte.exe
%Temp%\c2mauzrh.exe
%Temp%\c7esmvn8y.exe
%Temp%\c7st4.exe
%Temp%\cs0p33bbx5.exe
%Temp%\cvtbdf.exe
%Temp%\dbwg2n904.exe
%Temp%\der3nf63p.exe
%Temp%\dfoab.exe
%Temp%\e9mf50.exe
%Temp%\eb6u47xk.exe
%Temp%\emnkyrlut.exe
%Temp%\etjk3e0i5.exe
%Temp%\euzaup0j.exe
%Temp%\gpebi71.exe
%Temp%\grnsyc6bh1.exe
%Temp%\huzcy.exe
%Temp%\idxj1s5p.exe
%Temp%\install.exe
%Temp%\j8scwtyn0.exe
%Temp%\jlt0t4kg.exe
%Temp%\jwtsnug.exe
%Temp%\kafan virlist 2009.03.31\090330-4-6.exe
%Temp%\kgoal8.exe
%Temp%\l8yhgxg.exe
%Temp%\m2f15okjq7.exe
%Temp%\mi3f7e0hkz.exe
%Temp%\mldihq.exe
%Temp%\mr1s8g.exe
%Temp%\n0gfrk.exe
%Temp%\n5rhw.exe
%Temp%\np1oibk69.exe
%Temp%\nzv86cp7.exe
%Temp%\ocqaj2a01.exe
%Temp%\ppp.exe
%Temp%\qekuy.exe
%Temp%\qfhmcwh.exe
%Temp%\r5psp4jg.exe
%Temp%\r5v9gllwv7.exe
%Temp%\reader_sl.exe
%Temp%\rhda8k.exe
%Temp%\ro3a3bn7oa.exe
%Temp%\ro9ad7.exe
%Temp%\rtcsv.exe
%Temp%\s0p3f.exe
%Temp%\s1896.exe
%Temp%\t8lk7.exe
%Temp%\tfvj04na8.exe
%Temp%\tongji.exe
%Temp%\trg4zf.exe
%Temp%\tru16nw9.exe
%Temp%\twmjyj9h6.exe
%Temp%\upphi29k.exe
%Temp%\uuszjhk.exe
%Temp%\uzqiy3iv.exe
%Temp%\v1mak1m.exe
%Temp%\v6st9jwuxz.exe
%Temp%\winorydg.exe
%Temp%\xbe0vi3w5.exe
%Temp%\ybvbry77v.exe
%Temp%\yirbwlmad.exe
%Temp%\yk69m7ca.exe
%Temp%\zpqlj2r.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).