ThreatExpert's Statistics for Mal/Behav-285 [Sophos]:

Mal/Behav-285 [Sophos] is also known as:

Threat Alias	Number of Incidents
Packed.Win32.Black.a [Kaspersky Lab]	237
WORM_SDBOT.GAV [Trend Micro]	156
New Malware.jn [McAfee]	122
Generic.dx [McAfee]	77
W32/Sdbot.worm [McAfee]	65
W32.Spybot.Worm [Symantec]	46
BehavesLikeWin32.ExplorerHijack [Ikarus]	44
Trojan Horse [Symantec]	37
W32.IRCBot [Symantec]	34
Trojan.Crypt [Ikarus]	33
Packed.Win32.Black [Ikarus]	32
Backdoor.Trojan [Symantec]	24
BackDoor-CEP.svr [McAfee]	20
Infostealer [Symantec]	18
Backdoor.Win32.IRCBot [Ikarus]	17
Infostealer.Bancos [Symantec]	17
Trojan:Win32/Ircbrute [Microsoft]	17
Win-Trojan/Xema.variant [AhnLab]	17
Backdoor.Bifrose [Symantec]	16
W32/Sdbot.worm.gen.ci [McAfee]	16
PWS-Banker.gen.i [McAfee]	15
Downloader [Symantec]	13
Mal_Banker [Trend Micro]	13
MemScanBackdoor.Bifrose.NQ [Ikarus]	13
Downloader.gen.a [McAfee]	12
PWS-Banker [McAfee]	12
Suspicious.MH690 [Symantec]	11
W32.Netsky.gen@mm [Symantec]	11
Backdoor.Bifrose [Ikarus]	10
Backdoor.Sdbot [Symantec]	10
Backdoor.Hupigon [Ikarus]	9
Infostealer.Gampass [Symantec]	9
Trojan-Downloader.Win32.Bagle.jc [Ikarus]	9
TrojanSpy:Win32/Banker.GV [Microsoft]	9
Backdoor.Rbot [Ikarus]	8
Backdoor.Win32.Hupigon [Ikarus]	8
Backdoor:Win32/Akbot.gen [Microsoft]	8
Backdoor:Win32/Bifrose [Microsoft]	8
Backdoor:Win32/Rbot [Microsoft]	8
Backdoor:Win32/Rbot.gen [Microsoft]	8
Exploit:Win32/MS06040.gen [Microsoft]	8
Trojan-Downloader.Win32.Bagle [Ikarus]	8
W32.IRCBot.Gen [Symantec]	8
Win32/IRCBot.worm.variant [AhnLab]	8
Generic BackDoor [McAfee]	7
Trojan.Win32.Autoit.dd [Kaspersky Lab]	7
Downloader.MisleadApp [Symantec]	6
TrojanSpy:Win32/Bancos.gen!B [Microsoft]	6
W32.Beagle.EB [Symantec]	6
Worm:Win32/Wootbot.gen [Microsoft]	6
Backdoor.IRCBot!sd6 [PC Tools]	5
Backdoor.Win32.Ciadoor [Ikarus]	5
MemScanBackdoor.VB.EV [Ikarus]	5
Net-Worm.Kolab!sd6 [PC Tools]	5
Trojan.Generic [Ikarus]	5
Trojan.Mitglieder [Symantec]	5
Trojan.Win32.Autoit.dd [Ikarus]	5
W32.Randex.gen [Symantec]	5
W32/Bagle.gen [McAfee]	5
Worm:Win32/Pushbot.gen!C [Microsoft]	5
Backdoor.Bifrose!sd6 [PC Tools]	4
Backdoor.Graybird [Symantec]	4
Backdoor.IRC.Bot [Symantec]	4
Backdoor.VanBot.EP [PC Tools]	4
Backdoor.Win32.Ciadoor.123 [Ikarus]	4
Backdoor:Win32/Akbot.J [Microsoft]	4
Backdoor:Win32/Bifrose.FO [Microsoft]	4
Backdoor-CEP [McAfee]	4
Downloader.Bancos [Symantec]	4
Hacktool [Symantec]	4
Net-Worm.Win32.Kolab.ajb [Kaspersky Lab]	4
Net-Worm.Win32.Kolab.ane [Kaspersky Lab]	4
Net-Worm.Win32.Kolabc [Ikarus]	4
PWS-Banker.dldr [McAfee]	4
PWS-Banker.gen.aa [McAfee]	4
Spyware.Keylogger [Symantec]	4
Trojan.IRCBot [PC Tools]	4
Trojan.Win32.Buzus.rmt [Kaspersky Lab]	4
Trojan.Win32.Ircbrute [Ikarus]	4
Trojan:Win32/Meredrop [Microsoft]	4
Trojan:Win32/Pakes [Microsoft]	4
Trojan-Banker.Win32.Banker.edy [Kaspersky Lab]	4
Trojan-Downloader.MisleadApp!sd6 [PC Tools]	4
Trojan-Downloader.Win32.Bagle.hi [Kaspersky Lab]	4
TrojanDownloader:Win32/Bagle [Microsoft]	4
Trojan-Spy.Bancos!sd6 [PC Tools]	4
Win32/Kolab.worm.483328 [AhnLab]	4
Backdoor.Bot [Ikarus]	3
Backdoor.VB.EV [Ikarus]	3
Backdoor.Win32.Bifrose [Ikarus]	3
Backdoor.Win32.SdBot [Ikarus]	3
Backdoor:Win32/Agent [Microsoft]	3
Backdoor:Win32/Bifrose.ACI [Microsoft]	3
Backdoor:Win32/Bifrose.AE [Microsoft]	3
Backdoor:Win32/Poison [Microsoft]	3
BackDoor-CEP [McAfee]	3
DollarRevenue [McAfee]	3
Generic.Sdbot [Ikarus]	3
Trojan:WinNT/Bagle.gen [Microsoft]	3
Trojan-Downloader.Win32.Bagle.hi [Ikarus]	3

Mal/Behav-285 [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	Brazil	86
	China	37
	Sweden	28
	Russian Federation	24
	Germany	18
	United Kingdom	17
	Italy	13
	Republic of Korea	8
	Switzerland	5
	Iran	3
	Spain	3
	Japan	2
	Argentina	1
	Belgium	1
	France	1
	Taiwan	1
	Thailand	1

Mal/Behav-285 [Sophos] is known to be created as:

%CommonPrograms%\startup\jvm0.exe

%CommonPrograms%\startup\win.exe

%ProgramFiles%\187\186.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\chuanshuo\chuansg.dll

%ProgramFiles%\chuanshuo\scripteditor.exe

%ProgramFiles%\config32\system36.exe

%ProgramFiles%\dsfsdfsd\nope.dll

%ProgramFiles%\ghanimx\nope.dll

%ProgramFiles%\plugin tv fuxico player\setup.exe

%System%\_os.exe

%System%\asdfsa.exe

%System%\avg.exe

%System%\b7r63.exe

%System%\bifrost\riski.exe

%System%\bifrost\server.exe

%System%\bifrost\windowsman.exe

%System%\btorrent.exe

%System%\cdn.dll.exe

%System%\cjqojxhi.exe

%System%\clock.exe

%System%\cpanele.com

%System%\crssxp.exe

%System%\cssrss.exe

%System%\dasada.exe

%System%\dasda.com

%System%\dllcache\shvhost.exe

%System%\drivers\hidr.exe

%System%\drivers\hldrrr.exe

%System%\drivers\mdelk.exe

%System%\drwsn32.exe

%System%\emulatorutility.exe

%System%\eqaodfse.exe

%System%\explore.exe

%System%\explorer.exe

%System%\fotoshop.exe

%System%\fs4.exe

%System%\fxwhecyv.exe

%System%\hard63.exe

%System%\hvrujlwv.exe

%System%\iexplore.exe

%System%\igfsfdfsd32ss.exe

%System%\igxdfdfds.com

%System%\ihyylnsb.exe

%System%\imglog.exe

%System%\intelr.exe

%System%\jvm0.exe

%System%\kb15oooo.exe

%System%\mhclientconnect.exe

%System%\mnet.exe

%System%\msiecfg.exe

%System%\msmsg.exe

%System%\msnmsgr.exe

%System%\msnnger.exe

%System%\msnnmaneger.exe

%System%\msrx.exe

%System%\mstcpweb.dll

%System%\msupdate.exe

%System%\notaped.exe

%System%\nvctrays.exe

%System%\osd.exe

%System%\pkecbowp.exe

%System%\plms.exe

%System%\ptomaxcb.exe

%System%\rar.exe

%System%\rfgucubz.exe

%System%\rundll.exe

%System%\rundll23.exe

%System%\rundll33.exe

%System%\server2.exe

%System%\setwin32.exe

%System%\svchost\svchost.exe

%System%\svchost32.exe

%System%\svchosts.exe

%System%\svchots.exe

%System%\svhost.exe

%System%\system.exe

%System%\system32\win32.exe

%System%\systemi.exe

%System%\systems.exe

%System%\taksman.exe

%System%\taskmngr.exe

%System%\theames.exe

%System%\ttlms.exe

%System%\upds.exe

%System%\video.exe

%System%\vvdbmwjb.exe

%System%\winbibl.exe

%System%\windowsys.exe

%System%\windsp.exe

%System%\wingate32.exe

%System%\winjtm.exe

%System%\winkey.exe

%System%\winlogom.exe

%System%\winsp2dmod.exe

%System%\winsyse12.exe

%System%\zgyjwmkp.exe

%Temp%\hookzatcmd.exe

%Temp%\ixp000.tmp\install.exe

%Temp%\nthide.dll

Notes:

%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).