ThreatExpert's Statistics for Mal/Emogen-R [Sophos]:

Mal/Emogen-R [Sophos] is also known as:

Threat Alias	Number of Incidents
Infostealer.Gampass [Symantec]	3,947
Trojan-GameThief.Win32.Magania [Ikarus]	3,361
PWS-OnlineGames.ek [McAfee]	3,015
Trojan-GameThief.Win32.Magania.bzoc [Kaspersky Lab]	545
Backdoor:Win32/Small.D [Microsoft]	450
Mal_OLGM-6 [Trend Micro]	321
Win-Trojan/Magania.226412 [AhnLab]	255
Trojan-GameThief.Win32.Magania.bwsq [Kaspersky Lab]	253
Trojan-GameThief.Win32.Magania.cbzm [Kaspersky Lab]	225
Trojan-GameThief.Win32.Magania.bwso [Kaspersky Lab]	203
Trojan-GameThief.Win32.Magania.cdmt [Kaspersky Lab]	199
Win-Trojan/Magania.22097 [AhnLab]	195
Win-Trojan/OnlineGameHack.226412 [AhnLab]	180
Trojan-GameThief.Win32.Magania.chvs [Kaspersky Lab]	178
Generic.Onlinegames [Ikarus]	157
PWS-Mmorpg!ez [McAfee]	149
Trojan.Win32.Agent [Ikarus]	145
Trojan.Win32.Agent.bctq [Kaspersky Lab]	144
Trojan-GameThief.Win32.Magania.cdwq [Kaspersky Lab]	132
Trojan-GameThief.Win32.Magania.cces [Kaspersky Lab]	110
Trojan-GameThief.Win32.Magania.cdkz [Kaspersky Lab]	110
Trojan-GameThief.Win32.Magania.chcp [Kaspersky Lab]	110
Backdoor.Trojan [Symantec]	102
Trojan-PSW.Gampass [PC Tools]	88
Troj/PWS-BCC [Sophos]	87
Win-Trojan/Magania.20558.C [AhnLab]	84
Generic.dx [McAfee]	63
TROJ_SPAMBOT.B [Trend Micro]	60
Trojan-GameThief.Win32.Magania.cajr [Kaspersky Lab]	60
Trojan-Proxy.Win32.Agent.lv [Kaspersky Lab]	60
Trojan-Downloader.Win32.Small [Ikarus]	56
Generic BackDoor.ah [McAfee]	55
Trojan-GameThief.Win32.Magania.bxal [Kaspersky Lab]	54
Trojan.PR.Agent.DHSG [PC Tools]	50
Downloader [Symantec]	44
TrojanProxy:Win32/Agent [Microsoft]	40
Trojan-GameThief.Win32.Magania.ceer [Kaspersky Lab]	38
Generic BackDoor [McAfee]	37
Trojan-GameThief.Win32.Magania.bxbv [Kaspersky Lab]	36
Trojan-GameThief.Win32.Magania.cacx [Kaspersky Lab]	36
Trojan-Proxy.Win32.Agent [Ikarus]	35
Win-Trojan/OnlineGameHack.22603.B [AhnLab]	32
PWS-Mmorpg!fh [McAfee]	28
Trojan.Crypt [Ikarus]	28
Win-Trojan/OnlineGameHack.61440.EI [AhnLab]	28
Win-Trojan/Xema.variant [AhnLab]	28
Trojan-GameThief.Win32.Magania.bhpl [Kaspersky Lab]	26
Trojan-GameThief.Win32.Magania.bxcs [Kaspersky Lab]	26
Win-Trojan/Magania.18533 [AhnLab]	26
Win-Trojan/OnlineGameHack.17998 [AhnLab]	26
Win-Trojan/OnlineGameHack.65536.CN [AhnLab]	26
Trojan-GameThief.Win32.Magania.chop [Kaspersky Lab]	25
Trojan-GameThief.Win32.Magania.ceij [Kaspersky Lab]	24
Suspicious.MH690 [Symantec]	21
Trojan-GameThief.Win32.Magania.bxam [Kaspersky Lab]	21
Trojan-GameThief.Win32.Magania.bxbb [Kaspersky Lab]	21
Trojan-GameThief.Win32.Magania.bwyd [Kaspersky Lab]	20
Trojan-GameThief.Win32.Magania.cdkx [Kaspersky Lab]	20
Win32.SuspectCrc [Ikarus]	20
Win-Trojan/OnlineGameHack.18515.H [AhnLab]	20
Trojan-GameThief.Win32.Magania.bfsl [Kaspersky Lab]	18
Win-Trojan/Magania.18521 [AhnLab]	18
Trojan-GameThief.Win32.Magania.ciao [Kaspersky Lab]	17
Trojan-GameThief.Win32.OnLineGames.veox [Kaspersky Lab]	17
Win-Trojan/OnlineGameHack.19022.D [AhnLab]	17
Trojan-GameThief.Win32.Magania.ccet [Kaspersky Lab]	16
Mal/Behav-004, Mal/Emogen-R [Sophos]	15
Trojan-GameThief.Win32.Magania.cakc [Kaspersky Lab]	14
Trojan-GameThief.Win32.Magania.cmhk [Kaspersky Lab]	14
Win-Trojan/Magania.18531.B [AhnLab]	14
Win-Trojan/Magania.24154 [AhnLab]	14
Trojan.Agent.HDZ [PC Tools]	13
Trojan-GameThief.Win32.Magania.bfux [Kaspersky Lab]	13
Backdoor.Win32.Agent.xdm [Kaspersky Lab]	12
Trojan.Agent!sd6 [PC Tools]	12
Trojan-Downloader.Win32.Agent.atcj [Kaspersky Lab]	12
Trojan-GameThief.Win32.Magania.bfva [Kaspersky Lab]	12
Win-Trojan/Magania.20570.B [AhnLab]	12
Win-Trojan/Magania.224855 [AhnLab]	12
Generic BackDoor.c [McAfee]	11
Win-Trojan/OnlineGameHack.18016.D [AhnLab]	11
Infostealer.Onlinegame [Symantec]	10
Trojan-GameThief.Win32.Magania.cabi [Kaspersky Lab]	10
Trojan-GameThief.Win32.Magania.ckqw [Kaspersky Lab]	10
Trojan-GameThief.Win32.Magania.clwt [Kaspersky Lab]	10
Win-Trojan/Magania.16986 [AhnLab]	10
Win-Trojan/OnlineGameHack.21593.B [AhnLab]	10
Backdoor.Win32.Agent.tsc [Kaspersky Lab]	9
Backdoor.Win32.Bifrose.abuy [Kaspersky Lab]	9
Trojan-GameThief.Win32.Magania.cdwi [Kaspersky Lab]	9
W32.Spybot.Worm [Symantec]	9
Win-Trojan/Magania.20563 [AhnLab]	9
Win-Trojan/OnlineGameHack.22631.B [AhnLab]	9
Win-Trojan/OnlineGameHack.24154.E [AhnLab]	9
BackDoor-AWQ [McAfee]	8
Trojan:Win32/Veslorn.gen!A [Microsoft]	8
Trojan-Downloader.Win32.Agent.artq [Kaspersky Lab]	8
Trojan-GameThief.Win32.Magania.beog [Kaspersky Lab]	8
Trojan-GameThief.Win32.Magania.clsr [Kaspersky Lab]	8
Win-Trojan/Magania.16976 [AhnLab]	8

Mal/Emogen-R [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	181
	Spain	7
	Switzerland	3
	Brazil	1

Mal/Emogen-R [Sophos] is known to be created as:

%System%\08223b03.dll

%System%\090514-2-2.exe

%System%\0day.exe

%System%\122b901e.dll

%System%\5.26.exe

%System%\704c3595.dll

%System%\76b9ba7a.dll

%System%\a0c86020.dll

%System%\a1a6bc2e.dll

%System%\abuh8mayrruj.dll

%System%\b4qcuj5wmqh8wjck.dll

%System%\bmsg6pdmd4ht.dll

%System%\bp8wddfqfaagbtyd.dll

%System%\cjptnyj6hwtgwwjdue.dll

%System%\cvst.exe

%System%\ddos.exe

%System%\desn.exe

%System%\dhdhws7ffw.dll

%System%\dktxfybt3g.dll

%System%\drivers\lsass.exe

%System%\e4814792.dll

%System%\efc0c52cc1.dll

%System%\en7hzsrecat8.dll

%System%\ethzrkpveam3wcx.dll

%System%\fu8016.exe

%System%\fuck.exe

%System%\fwew.dll

%System%\fyddos.dll

%System%\fyddos.exe

%System%\gaz2akyyg.dll

%System%\grtzqh5snrhat.dll

%System%\hzdll.dll

%System%\hzxdvgsy3dan5zpk.dll

%System%\imso.exe

%System%\itzaq.exe

%System%\javk.exe

%System%\jbdk.exe

%System%\jbn2ypqy23vwx.dll

%System%\jcan.exe

%System%\jdza.exe

%System%\jffa.exe

%System%\jfzy.exe

%System%\jgxmcj7byhhbwtxt.dll

%System%\jlqk.exe

%System%\jmza.exe

%System%\jqfa.exe

%System%\jqjk.exe

%System%\jqla.exe

%System%\jqlk.exe

%System%\jqqk.exe

%System%\jqtk.exe

%System%\jqwk.exe

%System%\jsza.exe

%System%\jtla.exe

%System%\jtqk.exe

%System%\jtsfdexy4s.dll

%System%\jtsk.exe

%System%\jwmk.exe

%System%\jwoq.exe

%System%\jwtk.exe

%System%\kerner0826.dll

%System%\ksvhjmewr5zzy47.dll

%System%\lgn.exe

%System%\mcxsvc2.exe

%System%\mcxsvcl.exe

%System%\mcxsvcm.exe

%System%\mseny.exe

%System%\msoy.exe

%System%\mxupp.exe

%System%\nbss.exe

%System%\ndxq9awmc.dll

%System%\ntserver.dll

%System%\qb5bkzy7vr5m.dll

%System%\qqmusic.exe

%System%\qqupdate.exe

%System%\qsbvdcwq7umu.dll

%System%\qzone.exe

%System%\ro.dll

%System%\rxdll.dll

%System%\saace.exe

%System%\sogwe.exe

%System%\sqwce.exe

%System%\sttce.exe

%System%\sysfldr.dll

%System%\sysr25.dll

%System%\syssq17.dll

%System%\syst2ym.exe

%System%\system_.exe

%System%\szace.exe

%System%\t1dll.dll

%System%\t44y9a553nq.dll

%System%\tanjsfa2tt2dh.dll

%System%\tcim.exe

%System%\ton.exe

%System%\tstjk.exe

%System%\txolat.exe

%System%\u4atwwqnudzgwhtk.dll

%System%\ufqcu5.dll

%System%\unsra8hec.dll

%System%\uxrgq8zep.dll

Note: %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).