Threat Search: 

ThreatExpert's Statistics for Mal/Behav-160 [Sophos]:

Mal/Behav-160 [Sophos] is also known as:
Threat AliasNumber of Incidents
Trojan Horse [Symantec]176
Trojan.Win32.Agent [Ikarus]133
Backdoor.Trojan [Symantec]99
Generic.dx [McAfee]93
Trojan.Win32.Agent.afrz [Kaspersky Lab]90
Virus.Trojan.Win32.Agent.afrz [Ikarus]81
Mal_OLGM-2 [Trend Micro]43
PWS-Cashgrabber!a [McAfee]43
Trojan.Win32.Agent.ccpe [Kaspersky Lab]41
Win-Trojan/Agent.57897.B [AhnLab]39
Downloader [Symantec]35
Trojan.Win32.Agent.chgh [Kaspersky Lab]27
Win-Trojan/Agent.57897 [AhnLab]21
Dropper/OnlineGameHack.57899 [AhnLab]19
PWS-Gamania.dll [McAfee]18
Trojan.Win32.Agent.ccge [Kaspersky Lab]16
Trojan.Win32.Agent.chaq [Kaspersky Lab]16
Trojan-GameThief.Win32.Nilage [Ikarus]15
Trojan-PWS.Hangame [PC Tools]15
Generic Downloader.x [McAfee]12
Infostealer [Symantec]12
Infostealer.Gampass [Symantec]12
Trojan.Win32.Agent.acvu [Kaspersky Lab]12
Trojan.Agent!sd6 [PC Tools]11
Trojan-PSW.Win32.OnLineGames.bx [Kaspersky Lab]10
Mal/Behav-034, Mal/Behav-327, Mal/Behav-160 [Sophos]9
Win-Trojan/Backdoor.135168.C [AhnLab]9
PWS-Mmorpg.gen [McAfee]8
Trojan-PSW.Bancos [PC Tools]8
PWS:Win32/OnLineGames [Microsoft]7
Trojan.Win32.Agent.cofk [Kaspersky Lab]7
Infostealer.Maplosty [Symantec]6
Trojan.Win32.Agent.cbwo [Kaspersky Lab]6
Trojan.Win32.Agent.ccvw [Kaspersky Lab]6
Trojan-PSW.OnLineGames!sd5 [PC Tools]6
W32.SillyFDC [Symantec]6
Backdoor.Win32.Beastdoor [Ikarus]5
Infostealer.Lineage [Symantec]5
TROJ_OLGM.A [Trend Micro]5
Trojan.Dropper [Symantec]5
Virus.Trojan.Win32.Agent [Ikarus]5
Backdoor.Win32.PcClient [Ikarus]4
Backdoor:Win32/PcClient.N [Microsoft]4
Dropper/QQPass.57887 [AhnLab]4
Generic BackDoor [McAfee]4
Generic.abq [McAfee]4
Generic.dx!cl [McAfee]4
Net-Worm.Win32.Mofeir [Ikarus]4
PWS:Win32/Nabfeign.A [Microsoft]4
Trojan.Adclicker [Symantec]4
Trojan.Win32.Agent.cgln [Kaspersky Lab]4
Trojan.Win32.Pincav.olj [Kaspersky Lab]4
Trojan.Win32.Pincav.ooa [Kaspersky Lab]4
TrojanDownloader:Win32/Agenttiny [Microsoft]4
Trojan-PSW.Win32.OnLineGames.lp [Kaspersky Lab]4
Trojan-PWS.OnlineGames.LP [PC Tools]4
Worm.Win32.AutoRun.meq [Kaspersky Lab]4
Backdoor.Win32.Agent.tnr [Kaspersky Lab]3
Gen.Trojan [Ikarus]3
Rootkit.Agent [PC Tools]3
TROJ_AGENT.IUN [Trend Micro]3
Trojan.Generic [PC Tools]3
Trojan-Downloader.Win32.Small.dom [Kaspersky Lab]3
Trojan-Dropper.Win32.Agent.axza [Kaspersky Lab]3
Trojan-PWS.Win32.QQPass [Ikarus]3
Win32.SuspectCrc [Ikarus]3
Worm.AutoRun.GEN [PC Tools]3
Backdoor.Graybird [Symantec]2
Backdoor.Win32.Hupigon [Ikarus]2
Backdoor.Win32.Tenpeq.A [Ikarus]2
Backdoor.Win32.VB.hzm [Kaspersky Lab]2
Cryp_Pai-8 [Trend Micro]2
Downloader.gen.a [McAfee]2
Downloader.Trojan [Symantec]2
Dropper/Agent.87552.G [AhnLab]2
Generic Downloader [McAfee]2
Generic PWS.y [McAfee]2
Mal/Emogen-E, Mal/Behav-160 [Sophos]2
Mal/Generic-A, Mal/Behav-160 [Sophos]2
Packed.Win32.Klone.d [Ikarus]2
TROJ_AGENT.AOAZ [Trend Micro]2
TROJ_BHO.QW [Trend Micro]2
Trojan.DL.Agent.ESIH [PC Tools]2
Trojan.Startpage.G [Symantec]2
Trojan.Win32.Agent.bxgy [Kaspersky Lab]2
Trojan.Win32.Agent.cmzh [Kaspersky Lab]2
Trojan.Win32.VB.fgt [Kaspersky Lab]2
Trojan-Downloader.Win32.Agent.ofh [Kaspersky Lab]2
Trojan-Downloader.Win32.Delf.ym [Kaspersky Lab]2
Trojan-Downloader.Win32.Losabel.ey [Kaspersky Lab]2
Trojan-Dropper.Delf [Ikarus]2
Trojan-Dropper.Win32.Killav.hy [Kaspersky Lab]2
Trojan-GameThief.Win32.Ganhame.ed [Kaspersky Lab]2
Trojan-PSW.Nilage!sd5 [PC Tools]2
Trojan-PSW.Win32.Hangame.de [Kaspersky Lab]2
Trojan-PSW.Win32.Nilage.bfo [Kaspersky Lab]2
Trojan-PSW.Win32.OnLineGames.dl [Kaspersky Lab]2
Trojan-PWS.Win32.OnLineGames [Ikarus]2
W32.SillyDC [Symantec]2
Win-Trojan/Agent.37888.KC [AhnLab]2

Mal/Behav-160 [Sophos] has the following possible countries of origin:
OriginNumber of Incidents
China231
Bulgaria2
United Kingdom2
Russian Federation1

Mal/Behav-160 [Sophos] is known to be created as:
%ProgramFiles%\common files\system\gdiserver.exe
%ProgramFiles%\common files\system\msadc\system32.exe
%ProgramFiles%\common files\system\ntserv.exe
%ProgramFiles%\common files\system\serv.exe
%ProgramFiles%\windows\windows.exe
%System%\090514-a-4.exe
%System%\090520-3-9.exe
%System%\090520-4-0.exe
%System%\090520-5-9.exe
%System%\155015.exe
%System%\165203.exe
%System%\36otray.dll
%System%\79e71.exe
%System%\adsnv.dll
%System%\ahue.exe
%System%\ananti.dll
%System%\bdcsfa.dll
%System%\bdrmgr32.exe
%System%\com\comexp.exe
%System%\com\csrss.exe
%System%\com\services.exe
%System%\degvrn.dll
%System%\dir.dll
%System%\eipwxy.dll
%System%\gdiplus.exe
%System%\gdisvc.exe
%System%\huai.dll
%System%\ilmwck.dll
%System%\lvcnnd.dll
%System%\navu32.exe
%System%\nbwebsafe.dll
%System%\netmgr.exe
%System%\obmqkw.dll
%System%\qetiif.dll
%System%\ramvtuc.dll
%System%\regedit32.exe
%System%\regedit64.exe
%System%\remotehot.dll
%System%\rlmgtnc.dll
%System%\rmmrtwc.dll
%System%\rsmptec.dll
%System%\sfsomc.dll
%System%\spool\drivers\bwproxyclient.exe
%System%\twabra.dll
%System%\twpnqg.dll
%System%\updaterui.exe
%System%\ups32.dll
%System%\vb6stkit.dll
%System%\webguard.dll
%System%\windows.dll
%System%\windowser.dll
%System%\wininst.exe
%System%\winmide32.dll
%System%\winssco.exe
%System%\zrecml.dll
%Temp%\090514-a-4.exe
%Temp%\090520-3-9.exe
%Temp%\090520-4-0.exe
%Temp%\090521-4-2.exe
%Temp%\090523-a-30.exe
%Temp%\090601-6-1.exe
%Temp%\090602-a-3.exe
%Temp%\090603-1-5.exe
%Temp%\090610-8-4.exe
%Temp%\090610-8-5.exe
%Temp%\090612-4-5.exe
%Temp%\090614-3-8.exe
%Temp%\090615-1-7.exe
%Temp%\17.exe
%Temp%\ixp000.tmp\setup.exe
%Temp%\kafan virlist 2009.03.08\090308-3-4.exe
%Temp%\kafan virlist 2009.03.08\090308-a-22.exe
%Temp%\tddownload\2.exe
%Windir%\fsutil.exe
%Windir%\inf\icuc32.dll
%Windir%\java\classes\notepader.exe
%Windir%\ntkros.dll
%Windir%\ntsock.exe
%Windir%\ntsocks.dll
%Windir%\ntsys.exe
%Windir%\openset.dll
%Windir%\purger.exe
%Windir%\sclgntfys.dll
%Windir%\service.exe
%Windir%\system\purger.exe
%Windir%\temp\129281.exe
%Windir%\temp\31125.exe
%Windir%\temp\34640.exe
%Windir%\temp\36718.exe
%Windir%\temp\37218.exe
%Windir%\temp\37250.exe
%Windir%\twain32.exe
c:\100093.exe
c:\client.exe
Notes:
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.