Threat Search: 

ThreatExpert's Statistics for Mal/Behav-221 [Sophos]:

Mal/Behav-221 [Sophos] is also known as:
Threat AliasNumber of Incidents
VirTool:Win32/Vbinder.gen!G [Microsoft]9
Trojan.Win32.Agent.ddip [Kaspersky Lab]8
Backdoor.Win32.VB.hku [Kaspersky Lab]7
VirTool:Win32/Vtub.Y [Microsoft]6
VirTool:Win32/VBInject.gen!BP [Microsoft]5
Backdoor.Win32.VB [Ikarus]4
Generic BackDoor [McAfee]4
Backdoor.Trojan [Symantec]3
Downloader [Symantec]3
Generic BackDoor.b [McAfee]2
Trojan Horse [Symantec]2
Trojan.Win32.Buzus [Ikarus]2
Trojan.Win32.Buzus.caen [Kaspersky Lab]2
Trojan-Dropper.Win32.VB.ioy [Kaspersky Lab]2
VirTool.Win32.VBInject [Ikarus]2
VirTool:Win32/Vbcrypt.I [Microsoft]2
VirTool:Win32/VBInject.gen!AN [Microsoft]2
VirTool:Win32/VBInject.gen!BW [Microsoft]2
Backdoor.Trojan [PC Tools]1
Backdoor.Win32.Bifrose.bzeo [Kaspersky Lab]1
Backdoor.Win32.IRCBot.kod [Kaspersky Lab]1
Backdoor.Win32.Rbot.aatt [Kaspersky Lab]1
Backdoor.Win32.SdBot.onq [Kaspersky Lab]1
Backdoor.Win32.VB.huo [Kaspersky Lab]1
Generic.dx [McAfee]1
HackTool.Win32.Crypt [Ikarus]1
Trojan.Buzus [PC Tools]1
Trojan.Win32.Scar.atws [Kaspersky Lab]1
Trojan.Win32.VB [Ikarus]1
Trojan.Win32.VB.jqw [Kaspersky Lab]1
Trojan-Dropper.Vb [Ikarus]1
Trojan-Dropper.Win32.VB [Ikarus]1
VirTool.Win32.Vbinder [Ikarus]1
VirTool.Win32.Vtub [Ikarus]1
VirTool:Win32/Vbinder.gen!GL [Microsoft]1
Win-Trojan/Bifrose.77824.AQ [AhnLab]1
Win-Trojan/Buzus.61586 [AhnLab]1

Mal/Behav-221 [Sophos] has the following possible countries of origin:
OriginNumber of Incidents
Germany10
Spain9

Mal/Behav-221 [Sophos] is known to be created as:
%System%\mssrv32.exe
%System%\system32\windows.exe
%System%\vttimer.exe
%System%\vttimer\vtimmer.exe.exe
%System%\winudate32.exe
%System%\winupdate.exe
%System%\wmpudate.exe
%Temp%\ixp000.tmp\crypted.exe
%Temp%\ixp000.tmp\regfix.exe
%Temp%\ixp000.tmp\svchost.exe
%Windir%\fxstaller.exe
%Windir%\iexplorer.exe
%Windir%\system32:exporer.exe
%Windir%\temp\maintrysups.exe
Notes:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.