ThreatExpert's Statistics for Mal/Packer [Sophos]:

Mal/Packer [Sophos] is also known as:

Threat Alias	Number of Incidents
Infostealer.Onlinegame [Symantec]	2,969
Trojan.Win32.Small.bub [Kaspersky Lab]	2,110
FakeAlert-XPSecurityCenter [McAfee]	2,076
Trojan.Win32.Small [Ikarus]	2,010
New Malware.u [McAfee]	1,288
Generic.dx [McAfee]	1,172
Packed.Generic.181 [Symantec]	1,096
Trojan-Spy.Onlinegame!sd6 [PC Tools]	1,025
Trojan Horse [Symantec]	929
FakeAlert-XPSecCenter [McAfee]	878
Trojan-Dropper.Agent [Ikarus]	788
Trojan-Downloader [Ikarus]	668
Infostealer.Gampass [Symantec]	664
Trojan.Generic [Ikarus]	615
New Malware.aq [McAfee]	572
Trojan-GameThief.Win32.WOW.lrn [Kaspersky Lab]	484
XPSecurityCenter [Symantec]	445
Trojan-Spy.Gampass!sd6 [PC Tools]	413
Win-Trojan/OnlineGameHack.18794.B [AhnLab]	396
Backdoor.Trojan [Symantec]	385
not-a-virus:FraudTool.Win32.XPSecurityCenter.b [Kaspersky Lab]	384
New Malware.aj [McAfee]	353
Generic PWS.y!k [McAfee]	352
Win-Trojan/Xema.variant [AhnLab]	340
Suspicious.MH690 [Symantec]	327
Generic PWS.y [McAfee]	315
Downloader [Symantec]	314
Hacktool [Symantec]	311
HackTool.Win32.Homac [Kaspersky Lab]	255
Trojan.Win32.Inject.olm [Kaspersky Lab]	234
HackTool.Homac!sd5 [PC Tools]	219
Generic PUP.x [McAfee]	217
Win-Trojan/QQPass.25953 [AhnLab]	215
Trojan.Flystudio.AI [Ikarus]	210
PWS-Mmorpg.gen [McAfee]	200
Cryp_PESpin [Trend Micro]	196
MalwareScope.Worm.Viking.4 [Ikarus]	196
HackTool:Win32/Homac.A [Microsoft]	181
Packed/FSG [PC Tools]	178
Backdoor.Win32.Hupigon [Ikarus]	172
Trojan.Dropper [Symantec]	172
Virus.Win32.AutoRun.od [Ikarus]	169
Generic Downloader.x [McAfee]	159
HackTool.Win32.Homac [Ikarus]	156
Trojan.Generic [PC Tools]	144
Win-Trojan/HackTool.7200 [AhnLab]	133
Packer.PESpin [Ikarus]	120
Trojan-Downloader.Win32.Small.dqq [Kaspersky Lab]	119
W32/Bacalid!vcab [McAfee]	119
Win-Trojan/ARPSpoofer.30712 [AhnLab]	117
Win-Trojan/ARPSpoofer.36725 [AhnLab]	117
Backdoor.Graybird [Symantec]	115
Mal_Xed-4 [Trend Micro]	114
Win-Trojan/QQPass.25949 [AhnLab]	112
Trojan-GameThief.Win32.OnLineGames.vcqj [Kaspersky Lab]	108
Trojan-PWS.OnlineGames.AHRG [PC Tools]	96
Trojan:Win32/Bumat!rts [Microsoft]	94
Virus.Win32.Trojan [Ikarus]	90
Generic PUP.b [McAfee]	86
Infostealer.Lemir [Symantec]	86
Trojan-PWS.Win32.Lmir.beu [Ikarus]	79
Backdoor.Win32.Popwin [Ikarus]	78
W32.Imaut [Symantec]	77
TROJ_NSPAK.A [Trend Micro]	76
W32/Winko.worm.gen [McAfee]	76
Worm:Win32/Winko.A [Microsoft]	76
Trojan.Packed.NsAnti [Symantec]	73
W32/HLLP.Philis.dll [McAfee]	72
Backdoor.Formador [Symantec]	70
Trojan.Packed [Ikarus]	70
P2P-Worm.Agent!sd5 [PC Tools]	68
P2P-Worm.Win32.Agent.ag [Kaspersky Lab]	68
W32.SillyP2P [Symantec]	68
WORM_SILLY.CZ [Trend Micro]	68
Backdoor.Sdbot [Symantec]	66
Worm.Win32.Viking.ix [Kaspersky Lab]	66
W32/Generic.worm.b [McAfee]	62
Backdoor:Win32/Bacalid.A [Microsoft]	60
New Malware.ja [McAfee]	59
Dropper/Multi.184832 [AhnLab]	56
PWS-Banker [McAfee]	56
W32.Spybot.Worm [Symantec]	56
Backdoor.Win32.Agent.aenm [Kaspersky Lab]	53
Downloader.Generic [PC Tools]	53
Downloader.gen.a [McAfee]	52
Trojan-Dropper.Delf [Ikarus]	52
Virus.Win32.Driller [Ikarus]	52
Generic BackDoor [McAfee]	51
PE_VBAC.A-O [Trend Micro]	51
Trojan:Win32/Agent [Microsoft]	50
Virus.Win32.Small [Ikarus]	50
Backdoor.Bifrose [Ikarus]	49
Packed.Win32.Klone [Ikarus]	49
Trojan.Win32.Agent.chwl [Kaspersky Lab]	49
Backdoor.Formador!sd6 [PC Tools]	48
Bloodhound.NsAnti [Symantec]	47
Downloader.Looked [Symantec]	47
Infostealer [Symantec]	46
not-a-virus.Keygen.Avast [Ikarus]	46
Infostealer.Lineage [Symantec]	45

Mal/Packer [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	5,387
	Ukraine	3,262
	United Kingdom	561
	Brazil	238
	Russian Federation	123
	Germany	43
	France	31
	Australia	23
	Poland	23
	Norway	22
	Sweden	21
	Netherlands	17
	Japan	16
	Finland	12
	Italy	12
	New Zealand	12
	Republic of Korea	12
	Taiwan	12
	Spain	10
	Hong Kong	8
	Portugal	8
	Saudi Arabia	6
	Ireland	5
	Turkey	5
	Belgium	4
	Iran	4
	Israel	4
	Romania	4
	Argentina	3
	Thailand	3
	Austria	2
	Canada	2
	Egypt	2
	Estonia	2
	Algeria	1
	Croatia	1
	Czech Republic	1
	Denmark	1
	Hungary	1
	Peru	1
	Slovenia	1
	Switzerland	1

Mal/Packer [Sophos] is known to be created as:

%AppData%\iloader.exe

%AppData%\timerlocksetup.exe

%CommonDesktopDir%\auto.exe

%CommonDesktopDir%\idm.patch.exe

%CommonPrograms%\startup\70cuse.lnk.exe

%CommonPrograms%\startup\avg.exe

%CommonPrograms%\startup\gbplugin.exe

%CommonPrograms%\startup\livemessenger.scr

%CommonPrograms%\startup\msn.exe

%CommonPrograms%\startup\startup.exe

%CommonPrograms%\startup\sys_aupdate.exe

%CommonPrograms%\startup\syst.exe

%CommonPrograms%\startup\windows32.exe

%DesktopDir%\keymaker.exe

%FontsDir%\b4b147bc522828731f1a016bfa72c073\system\svchost.exe

%FontsDir%\svhost.exe

%FontsDir%\udwht.exe

%FontsDir%\unwise_.exe

%FontsDir%\xrtci.exe

%Profiles%\2f.tmp_bak.exe

%Profiles%\default user\start menu\programs\startup\sexy.exe

%Profiles%\mscrss.exe

%ProgramFiles%\_twunk_64.exe

%ProgramFiles%\5.exe

%ProgramFiles%\aggress\doorway generator\aggressdoorgen.exe

%ProgramFiles%\aore-unpacktools\about.exe

%ProgramFiles%\bifrost\q.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\clzxabxpmdh\fuy0gh6d.exe

%ProgramFiles%\common files\efbaf.exe

%ProgramFiles%\common files\system.exe

%ProgramFiles%\common files\system\qqtc32.exe

%ProgramFiles%\common files\system\she.dll

%ProgramFiles%\common files\system\vbtoedl.exe

%ProgramFiles%\coolpigcinema\kzplay.exe

%ProgramFiles%\coolpigcinema\news.exe

%ProgramFiles%\coolpigcinema\tops.exe

%ProgramFiles%\counter\htmlpeek.dll

%ProgramFiles%\d93310q\gdabn.exe

%ProgramFiles%\desktop lock\keygen.exe

%ProgramFiles%\game accelerator\gamexl.exe

%ProgramFiles%\game accelerator\web.exe

%ProgramFiles%\gameos\web.exe

%ProgramFiles%\hotbounce\ifufi2\ifufi2.exe

%ProgramFiles%\idigital technologies\key serv 2.0\srvcks.exe

%ProgramFiles%\iemailer - email marketing\uninstall.exe

%ProgramFiles%\internet download manager\idm.patch.exe

%ProgramFiles%\internet download manager\idman.exe

%ProgramFiles%\internet explorer\connection wizard\audwf.exe

%ProgramFiles%\internet explorer\inter_1.exe

%ProgramFiles%\internet explorer\keygen.exe

%ProgramFiles%\internet explorer\piplayer.exe

%ProgramFiles%\internet explorer\setupapi.dll

%ProgramFiles%\internet explorer\syssmss.exe

%ProgramFiles%\internet explorer\winrar_all_version.exe

%ProgramFiles%\kari\win32ip.exe

%ProgramFiles%\killsh\hd.exe

%ProgramFiles%\kjhkjhjk\hd.exe

%ProgramFiles%\meex.exe

%ProgramFiles%\messenger\smss.exe

%ProgramFiles%\myportal\speed-x\speedx.exe

%ProgramFiles%\navilog1\gnc.exe

%ProgramFiles%\netlog version 2.0\logview.exe

%ProgramFiles%\netlog version 2.0\netlog.exe

%ProgramFiles%\nvsvcm.exe

%ProgramFiles%\outlook express\keygen.exe

%ProgramFiles%\outlook express\system.exe

%ProgramFiles%\qqzhushou\qqzhushou.exe

%ProgramFiles%\rss team\rs_accounts_seeker.exe

%ProgramFiles%\rss team\rsdwn.dll

%ProgramFiles%\rss team\sqlite3.dll

%ProgramFiles%\sd updater\uninstall.exe

%ProgramFiles%\ssc service utility\s2csplash.dll

%ProgramFiles%\svchost.exe

%ProgramFiles%\vopt8\vopt.exe

%ProgramFiles%\windows media player\kguwc.exe

%ProgramFiles%\windows nt\services.exe

%ProgramFiles%\windowsupdate\bugreport.exe

%ProgramFiles%\winrar\activation.exe

%ProgramFiles%\winrar\original_files_and_patch\keygen.exe

%ProgramFiles%\winrar\winrde.exe

%ProgramFiles%\wolfbox\uninstall.exe

%ProgramFiles%\zero freezer 1.5\data_file.exe

%Programs%\startup\360wdupdate.exe

%System%\1.exe

%System%\1025\1025.exe

%System%\1028\1028.exe

%System%\1031\1031.exe

%System%\1033\1033.exe

%System%\1037\1037.exe

%System%\1041\1041.exe

%System%\1042\1042.exe

%System%\1054\1054.exe

%System%\111.exe

%System%\2052\2052.exe

%System%\3076\3076.exe

%System%\33f5c.dll

%System%\360mo.dll

%System%\360wdupdate.exe

%System%\3com_dmi\3com_dmi.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).