Threat Search: 

ThreatExpert's Statistics for Mal/Dropper-G [Sophos]:

Mal/Dropper-G [Sophos] is also known as:
Threat AliasNumber of Incidents
Win-Trojan/Buzus.209408.D [AhnLab]114
PWS-OnlineGames.eb [McAfee]113
Trojan-Dropper.Win32.Delfdru [Ikarus]113
TrojanDropper:Win32/Delfdru.gen!A [Microsoft]107
Trojan-PWS.OnlineGames.SYHE [PC Tools]51
VirTool.Win32.DelfInject [Ikarus]43
VirTool:Win32/DelfInject.gen!X [Microsoft]35
Generic Dropper.ay [McAfee]21
VirTool:Win32/DelfInject.gen!L [Microsoft]17
Generic Dropper [McAfee]15
Trojan.Win32.Pakes.mmp [Kaspersky Lab]14
Trojan-Dropper.Delf [Ikarus]14
VirTool:Win32/DelfInject.gen!W [Microsoft]14
Trojan-Downloader.Win32.Delf.CQ [Ikarus]13
Backdoor.Trojan [Symantec]11
Trojan Horse [Symantec]11
VirTool:Win32/Injector.gen!E [Microsoft]11
Trojan.Hijacker [Ikarus]10
Trojan:Win32/Buzus.A [Microsoft]10
Backdoor:Win32/Buzus.C [Microsoft]9
BehavesLikeWin32.ProcessHijack [Ikarus]8
Trojan.Win32.Buzus.hts [Kaspersky Lab]8
Trojan-Dropper.Win32.Agent.zto [Kaspersky Lab]8
Trojan-PWS.Win32.QQPass [Ikarus]8
Virus.Win32.Delf.GIY [Ikarus]8
TROJ_DELF1.A [Trend Micro]7
Win-Trojan/Poison.46592.E [AhnLab]7
Trojan.Win32.KillAV.ok [Kaspersky Lab]6
Trojan-Dropper.Win32.Delf.agf [Kaspersky Lab]6
VirTool:Win32/DelfInject.gen!A [Microsoft]6
Backdoor.Bifrose [Symantec]5
Trojan.Dropper [Symantec]5
Trojan.Win32.Buzus.afwx [Kaspersky Lab]5
Backdoor.Win32.Agent.aeop [Kaspersky Lab]4
BackDoor-AWQ.b [McAfee]4
Downloader.Delphi [Ikarus]4
Dropper/Xema.30720.I [AhnLab]4
Exploit:Win32/MS08067.gen!A [Microsoft]4
not-a-virus:NetTool.Win32.Portscan.s [Kaspersky Lab]4
not-a-virus:RiskTool.Win32.PsKill.v [Kaspersky Lab]4
Trojan.Agent.ASDJ [PC Tools]4
Trojan.Win32.Buzus.jaf [Kaspersky Lab]4
Trojan:Win32/Agent.NAO [Microsoft]4
Trojan:Win32/Veslorn.gen!A [Microsoft]4
Trojan-Downloader.Win32.Agent.aqr [Kaspersky Lab]4
Trojan-Downloader.Win32.Agent.bgpo [Kaspersky Lab]4
Trojan-Downloader.Win32.Agent.blm [Kaspersky Lab]4
Trojan-Downloader.Win32.Agent.butv [Kaspersky Lab]4
Trojan-Dropper.Win32.Agent.yjl [Kaspersky Lab]4
Trojan-Dropper.Win32.Delf.aep [Kaspersky Lab]4
Trojan-PWS.Win32.OnLineGames [Ikarus]4
VirTool:Win32/DelfInject.gen!F [Microsoft]4
Virus.Win32.Xorer.dr [Kaspersky Lab]4
W32.Spybot.Worm [Symantec]4
Worm.Win32.Agent.y [Kaspersky Lab]4
Worm.Win32.Fujack.p [Kaspersky Lab]4
Backdoor.Graybird [Symantec]3
BackDoor-CEP [McAfee]3
BackDoor-CEP.svr [McAfee]3
Infostealer [Symantec]3
Infostealer.Gampass [Symantec]3
IRC Trojan [Symantec]3
Suspicious.MH690 [Symantec]3
Trojan-Dropper.Win32.Delf [Ikarus]3
VirTool:Win32/DelfInject.gen!S [Microsoft]3
Win-Trojan/Pakes.151552.G [AhnLab]3
Win-Trojan/Xema.variant [AhnLab]3
Backdoor.Bifrose!sd6 [PC Tools]2
Backdoor.IRCBot!sd6 [PC Tools]2
Backdoor.Win32.Bifrose.flu [Kaspersky Lab]2
Backdoor.Win32.Bifrose.fpg [Kaspersky Lab]2
Backdoor.Win32.Gobot [Ikarus]2
Backdoor.Win32.Shark.frj [Kaspersky Lab]2
BehavesLike.Win32.ExplorerHijack [Ikarus]2
Dropper/Xema.22016.M [AhnLab]2
Generic.dx [McAfee]2
Mal/Inject-K, Mal/Dropper-G [Sophos]2
Packed.Win32.PePatch.lc [Kaspersky Lab]2
PWS-OnlineGames.eb.gen.b [McAfee]2
TROJ_BUZUS.IZ [Trend Micro]2
TROJ_DELF.IKU [Trend Micro]2
Trojan.DR.Delf.ZKD [PC Tools]2
Trojan.VBS.Starter.l [Kaspersky Lab]2
Trojan.Win32.Buzus [Ikarus]2
Trojan.Win32.Hider [Ikarus]2
Trojan:Win32/Agent [Microsoft]2
Trojan:Win32/Malagent [Microsoft]2
Trojan-Dropper.Delf.aep [PC Tools]2
Trojan-GameThief.Win32.Magania.gen [Kaspersky Lab]2
Trojan-PSW.Generic [PC Tools]2
VirTool.Win32.Injector [Ikarus]2
Virus:Win32/Vimes.gen!A [Microsoft]2
W32.IRCBot [Symantec]2
Win-Trojan/OnlineGameHack.111616.O [AhnLab]2
Win-Trojan/Pakes.37376.Q [AhnLab]2
Backdoor.Agent.DIZG [PC Tools]1
Backdoor.Graybird [PC Tools]1
Backdoor.Rbot [Ikarus]1
Backdoor.Win32.Agent.aqb [Kaspersky Lab]1
Backdoor.Win32.Agent.bze [Kaspersky Lab]1

Mal/Dropper-G [Sophos] has the following possible countries of origin:
OriginNumber of Incidents
China102
Sweden33
United Kingdom33
Brazil8
Japan3
Russian Federation1
Saudi Arabia1
Spain1
Turkey1

Mal/Dropper-G [Sophos] is known to be created as:
%AppData%\lsasrv.exe
%AppData%\server.exe
%AppData%\services.exe
%CommonAppData%\microsoft\comon\ctfmon.exe
%ProgramFiles%\_360.exe
%ProgramFiles%\_360cc.exe
%ProgramFiles%\_rejoice2009.exe
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\driverss\server.exe
%ProgramFiles%\wln32gl\svchost.exe
%System%\_use.exe
%System%\com\comserv.exe
%System%\epower.exe
%System%\iexplorer.exe
%System%\jqs.exe
%System%\lsasrv.exe
%System%\msngrs.exe
%System%\nadjib.exe
%System%\ntos.exe
%System%\sdra64.exe
%System%\spool\smc32.exe
%System%\taskmon.exe
%System%\update.exe
%System%\vbp32.exe
%System%\wenscarv.exe
%System%\windowsupdate\winupd.exe.exe
%Temp%\_temp_netspool.exe
%Temp%\6134750.exe
%Temp%\dlkivmvidu.exe
%Temp%\fea1rz.exe
%Temp%\fearz.exe
%Temp%\ixp000.tmp\ntspool.exe
%Temp%\kafan virlist 2009.03.08\090308-2-0.exe
%Temp%\keygen.exe
%Temp%\serial.exe
%Temp%\server.exe
%Temp%\spynet-server.exe
%Temp%\svchost.exe
%Temp%\tddownload\ck159.exe
%Windir%\drvtsn32.exe
%Windir%\server.exe
%Windir%\services.exe
%Windir%\system32:kjb32.exe
%Windir%\system32:mesngers.exe
%Windir%\use.exe
%Windir%\utility.exe
%Windir%\web\iexpl0re.exe
%Windir%\winrtpd.exe
c:\360.exe
c:\murkrow.exe
c:\svchost.exe
c:\windows:2.exe
c:\winhelp\win32.com.com
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.