ThreatExpert's Statistics for Mal/Behav-160 [Sophos]:

Mal/Behav-160 [Sophos] is also known as:

Threat Alias	Number of Incidents
Trojan Horse [Symantec]	176
Trojan.Win32.Agent [Ikarus]	133
Backdoor.Trojan [Symantec]	99
Generic.dx [McAfee]	93
Trojan.Win32.Agent.afrz [Kaspersky Lab]	90
Virus.Trojan.Win32.Agent.afrz [Ikarus]	81
Mal_OLGM-2 [Trend Micro]	43
PWS-Cashgrabber!a [McAfee]	43
Trojan.Win32.Agent.ccpe [Kaspersky Lab]	41
Win-Trojan/Agent.57897.B [AhnLab]	39
Downloader [Symantec]	35
Trojan.Win32.Agent.chgh [Kaspersky Lab]	27
Win-Trojan/Agent.57897 [AhnLab]	21
Dropper/OnlineGameHack.57899 [AhnLab]	19
PWS-Gamania.dll [McAfee]	18
Trojan.Win32.Agent.ccge [Kaspersky Lab]	16
Trojan.Win32.Agent.chaq [Kaspersky Lab]	16
Trojan-GameThief.Win32.Nilage [Ikarus]	15
Trojan-PWS.Hangame [PC Tools]	15
Generic Downloader.x [McAfee]	12
Infostealer [Symantec]	12
Infostealer.Gampass [Symantec]	12
Trojan.Win32.Agent.acvu [Kaspersky Lab]	12
Trojan.Agent!sd6 [PC Tools]	11
Trojan-PSW.Win32.OnLineGames.bx [Kaspersky Lab]	10
Mal/Behav-034, Mal/Behav-327, Mal/Behav-160 [Sophos]	9
Win-Trojan/Backdoor.135168.C [AhnLab]	9
PWS-Mmorpg.gen [McAfee]	8
Trojan-PSW.Bancos [PC Tools]	8
PWS:Win32/OnLineGames [Microsoft]	7
Trojan.Win32.Agent.cofk [Kaspersky Lab]	7
Infostealer.Maplosty [Symantec]	6
Trojan.Win32.Agent.cbwo [Kaspersky Lab]	6
Trojan.Win32.Agent.ccvw [Kaspersky Lab]	6
Trojan-PSW.OnLineGames!sd5 [PC Tools]	6
W32.SillyFDC [Symantec]	6
Backdoor.Win32.Beastdoor [Ikarus]	5
Infostealer.Lineage [Symantec]	5
TROJ_OLGM.A [Trend Micro]	5
Trojan.Dropper [Symantec]	5
Virus.Trojan.Win32.Agent [Ikarus]	5
Backdoor.Win32.PcClient [Ikarus]	4
Backdoor:Win32/PcClient.N [Microsoft]	4
Dropper/QQPass.57887 [AhnLab]	4
Generic BackDoor [McAfee]	4
Generic.abq [McAfee]	4
Generic.dx!cl [McAfee]	4
Net-Worm.Win32.Mofeir [Ikarus]	4
PWS:Win32/Nabfeign.A [Microsoft]	4
Trojan.Adclicker [Symantec]	4
Trojan.Win32.Agent.cgln [Kaspersky Lab]	4
Trojan.Win32.Pincav.olj [Kaspersky Lab]	4
Trojan.Win32.Pincav.ooa [Kaspersky Lab]	4
TrojanDownloader:Win32/Agenttiny [Microsoft]	4
Trojan-PSW.Win32.OnLineGames.lp [Kaspersky Lab]	4
Trojan-PWS.OnlineGames.LP [PC Tools]	4
Worm.Win32.AutoRun.meq [Kaspersky Lab]	4
Backdoor.Win32.Agent.tnr [Kaspersky Lab]	3
Gen.Trojan [Ikarus]	3
Rootkit.Agent [PC Tools]	3
TROJ_AGENT.IUN [Trend Micro]	3
Trojan.Generic [PC Tools]	3
Trojan-Downloader.Win32.Small.dom [Kaspersky Lab]	3
Trojan-Dropper.Win32.Agent.axza [Kaspersky Lab]	3
Trojan-PWS.Win32.QQPass [Ikarus]	3
Win32.SuspectCrc [Ikarus]	3
Worm.AutoRun.GEN [PC Tools]	3
Backdoor.Graybird [Symantec]	2
Backdoor.Win32.Hupigon [Ikarus]	2
Backdoor.Win32.Tenpeq.A [Ikarus]	2
Backdoor.Win32.VB.hzm [Kaspersky Lab]	2
Cryp_Pai-8 [Trend Micro]	2
Downloader.gen.a [McAfee]	2
Downloader.Trojan [Symantec]	2
Dropper/Agent.87552.G [AhnLab]	2
Generic Downloader [McAfee]	2
Generic PWS.y [McAfee]	2
Mal/Emogen-E, Mal/Behav-160 [Sophos]	2
Mal/Generic-A, Mal/Behav-160 [Sophos]	2
Packed.Win32.Klone.d [Ikarus]	2
TROJ_AGENT.AOAZ [Trend Micro]	2
TROJ_BHO.QW [Trend Micro]	2
Trojan.DL.Agent.ESIH [PC Tools]	2
Trojan.Startpage.G [Symantec]	2
Trojan.Win32.Agent.bxgy [Kaspersky Lab]	2
Trojan.Win32.Agent.cmzh [Kaspersky Lab]	2
Trojan.Win32.VB.fgt [Kaspersky Lab]	2
Trojan-Downloader.Win32.Agent.ofh [Kaspersky Lab]	2
Trojan-Downloader.Win32.Delf.ym [Kaspersky Lab]	2
Trojan-Downloader.Win32.Losabel.ey [Kaspersky Lab]	2
Trojan-Dropper.Delf [Ikarus]	2
Trojan-Dropper.Win32.Killav.hy [Kaspersky Lab]	2
Trojan-GameThief.Win32.Ganhame.ed [Kaspersky Lab]	2
Trojan-PSW.Nilage!sd5 [PC Tools]	2
Trojan-PSW.Win32.Hangame.de [Kaspersky Lab]	2
Trojan-PSW.Win32.Nilage.bfo [Kaspersky Lab]	2
Trojan-PSW.Win32.OnLineGames.dl [Kaspersky Lab]	2
Trojan-PWS.Win32.OnLineGames [Ikarus]	2
W32.SillyDC [Symantec]	2
Win-Trojan/Agent.37888.KC [AhnLab]	2

Mal/Behav-160 [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	231
	Bulgaria	2
	United Kingdom	2
	Russian Federation	1

Mal/Behav-160 [Sophos] is known to be created as:

%ProgramFiles%\common files\system\gdiserver.exe

%ProgramFiles%\common files\system\msadc\system32.exe

%ProgramFiles%\common files\system\ntserv.exe

%ProgramFiles%\common files\system\serv.exe

%ProgramFiles%\windows\windows.exe

%System%\090514-a-4.exe

%System%\090520-3-9.exe

%System%\090520-4-0.exe

%System%\090520-5-9.exe

%System%\155015.exe

%System%\165203.exe

%System%\36otray.dll

%System%\79e71.exe

%System%\adsnv.dll

%System%\ahue.exe

%System%\ananti.dll

%System%\bdcsfa.dll

%System%\bdrmgr32.exe

%System%\com\comexp.exe

%System%\com\csrss.exe

%System%\com\services.exe

%System%\degvrn.dll

%System%\dir.dll

%System%\eipwxy.dll

%System%\gdiplus.exe

%System%\gdisvc.exe

%System%\huai.dll

%System%\ilmwck.dll

%System%\lvcnnd.dll

%System%\navu32.exe

%System%\nbwebsafe.dll

%System%\netmgr.exe

%System%\obmqkw.dll

%System%\qetiif.dll

%System%\ramvtuc.dll

%System%\regedit32.exe

%System%\regedit64.exe

%System%\remotehot.dll

%System%\rlmgtnc.dll

%System%\rmmrtwc.dll

%System%\rsmptec.dll

%System%\sfsomc.dll

%System%\spool\drivers\bwproxyclient.exe

%System%\twabra.dll

%System%\twpnqg.dll

%System%\updaterui.exe

%System%\ups32.dll

%System%\vb6stkit.dll

%System%\webguard.dll

%System%\windows.dll

%System%\windowser.dll

%System%\wininst.exe

%System%\winmide32.dll

%System%\winssco.exe

%System%\zrecml.dll

%Temp%\090514-a-4.exe

%Temp%\090520-3-9.exe

%Temp%\090520-4-0.exe

%Temp%\090521-4-2.exe

%Temp%\090523-a-30.exe

%Temp%\090601-6-1.exe

%Temp%\090602-a-3.exe

%Temp%\090603-1-5.exe

%Temp%\090610-8-4.exe

%Temp%\090610-8-5.exe

%Temp%\090612-4-5.exe

%Temp%\090614-3-8.exe

%Temp%\090615-1-7.exe

%Temp%\17.exe

%Temp%\ixp000.tmp\setup.exe

%Temp%\kafan virlist 2009.03.08\090308-3-4.exe

%Temp%\kafan virlist 2009.03.08\090308-a-22.exe

%Temp%\tddownload\2.exe

%Windir%\fsutil.exe

%Windir%\inf\icuc32.dll

%Windir%\java\classes\notepader.exe

%Windir%\ntkros.dll

%Windir%\ntsock.exe

%Windir%\ntsocks.dll

%Windir%\ntsys.exe

%Windir%\openset.dll

%Windir%\purger.exe

%Windir%\sclgntfys.dll

%Windir%\service.exe

%Windir%\system\purger.exe

%Windir%\temp\129281.exe

%Windir%\temp\31125.exe

%Windir%\temp\34640.exe

%Windir%\temp\36718.exe

%Windir%\temp\37218.exe

%Windir%\temp\37250.exe

%Windir%\twain32.exe

c:\100093.exe

c:\client.exe

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.