Threat Search: 

ThreatExpert's Statistics for Mal/Packer [Sophos]:

Mal/Packer [Sophos] is also known as:
Threat AliasNumber of Incidents
Infostealer.Onlinegame [Symantec]2,969
Trojan.Win32.Small.bub [Kaspersky Lab]2,110
FakeAlert-XPSecurityCenter [McAfee]2,076
Trojan.Win32.Small [Ikarus]2,010
New Malware.u [McAfee]1,288
Generic.dx [McAfee]1,172
Packed.Generic.181 [Symantec]1,096
Trojan-Spy.Onlinegame!sd6 [PC Tools]1,025
Trojan Horse [Symantec]929
FakeAlert-XPSecCenter [McAfee]878
Trojan-Dropper.Agent [Ikarus]788
Trojan-Downloader [Ikarus]668
Infostealer.Gampass [Symantec]664
Trojan.Generic [Ikarus]615
New Malware.aq [McAfee]572
Trojan-GameThief.Win32.WOW.lrn [Kaspersky Lab]484
XPSecurityCenter [Symantec]445
Trojan-Spy.Gampass!sd6 [PC Tools]413
Win-Trojan/OnlineGameHack.18794.B [AhnLab]396
Backdoor.Trojan [Symantec]385
not-a-virus:FraudTool.Win32.XPSecurityCenter.b [Kaspersky Lab]384
New Malware.aj [McAfee]353
Generic PWS.y!k [McAfee]352
Win-Trojan/Xema.variant [AhnLab]340
Suspicious.MH690 [Symantec]327
Generic PWS.y [McAfee]315
Downloader [Symantec]314
Hacktool [Symantec]311
HackTool.Win32.Homac [Kaspersky Lab]255
Trojan.Win32.Inject.olm [Kaspersky Lab]234
HackTool.Homac!sd5 [PC Tools]219
Generic PUP.x [McAfee]217
Win-Trojan/QQPass.25953 [AhnLab]215
Trojan.Flystudio.AI [Ikarus]210
PWS-Mmorpg.gen [McAfee]200
Cryp_PESpin [Trend Micro]196
MalwareScope.Worm.Viking.4 [Ikarus]196
HackTool:Win32/Homac.A [Microsoft]181
Packed/FSG [PC Tools]178
Backdoor.Win32.Hupigon [Ikarus]172
Trojan.Dropper [Symantec]172
Virus.Win32.AutoRun.od [Ikarus]169
Generic Downloader.x [McAfee]159
HackTool.Win32.Homac [Ikarus]156
Trojan.Generic [PC Tools]144
Win-Trojan/HackTool.7200 [AhnLab]133
Packer.PESpin [Ikarus]120
Trojan-Downloader.Win32.Small.dqq [Kaspersky Lab]119
W32/Bacalid!vcab [McAfee]119
Win-Trojan/ARPSpoofer.30712 [AhnLab]117
Win-Trojan/ARPSpoofer.36725 [AhnLab]117
Backdoor.Graybird [Symantec]115
Mal_Xed-4 [Trend Micro]114
Win-Trojan/QQPass.25949 [AhnLab]112
Trojan-GameThief.Win32.OnLineGames.vcqj [Kaspersky Lab]108
Trojan-PWS.OnlineGames.AHRG [PC Tools]96
Trojan:Win32/Bumat!rts [Microsoft]94
Virus.Win32.Trojan [Ikarus]90
Generic PUP.b [McAfee]86
Infostealer.Lemir [Symantec]86
Trojan-PWS.Win32.Lmir.beu [Ikarus]79
Backdoor.Win32.Popwin [Ikarus]78
W32.Imaut [Symantec]77
TROJ_NSPAK.A [Trend Micro]76
W32/Winko.worm.gen [McAfee]76
Worm:Win32/Winko.A [Microsoft]76
Trojan.Packed.NsAnti [Symantec]73
W32/HLLP.Philis.dll [McAfee]72
Backdoor.Formador [Symantec]70
Trojan.Packed [Ikarus]70
P2P-Worm.Agent!sd5 [PC Tools]68
P2P-Worm.Win32.Agent.ag [Kaspersky Lab]68
W32.SillyP2P [Symantec]68
WORM_SILLY.CZ [Trend Micro]68
Backdoor.Sdbot [Symantec]66
Worm.Win32.Viking.ix [Kaspersky Lab]66
W32/Generic.worm.b [McAfee]62
Backdoor:Win32/Bacalid.A [Microsoft]60
New Malware.ja [McAfee]59
Dropper/Multi.184832 [AhnLab]56
PWS-Banker [McAfee]56
W32.Spybot.Worm [Symantec]56
Backdoor.Win32.Agent.aenm [Kaspersky Lab]53
Downloader.Generic [PC Tools]53
Downloader.gen.a [McAfee]52
Trojan-Dropper.Delf [Ikarus]52
Virus.Win32.Driller [Ikarus]52
Generic BackDoor [McAfee]51
PE_VBAC.A-O [Trend Micro]51
Trojan:Win32/Agent [Microsoft]50
Virus.Win32.Small [Ikarus]50
Backdoor.Bifrose [Ikarus]49
Packed.Win32.Klone [Ikarus]49
Trojan.Win32.Agent.chwl [Kaspersky Lab]49
Backdoor.Formador!sd6 [PC Tools]48
Bloodhound.NsAnti [Symantec]47
Downloader.Looked [Symantec]47
Infostealer [Symantec]46
not-a-virus.Keygen.Avast [Ikarus]46
Infostealer.Lineage [Symantec]45

Mal/Packer [Sophos] has the following possible countries of origin:
OriginNumber of Incidents
China5,387
Ukraine3,262
United Kingdom561
Brazil238
Russian Federation123
Germany43
France31
Australia23
Poland23
Norway22
Sweden21
Netherlands17
Japan16
Finland12
Italy12
New Zealand12
Republic of Korea12
Taiwan12
Spain10
Hong Kong8
Portugal8
Saudi Arabia6
Ireland5
Turkey5
Belgium4
Iran4
Israel4
Romania4
Argentina3
Thailand3
Austria2
Canada2
Egypt2
Estonia2
Algeria1
Croatia1
Czech Republic1
Denmark1
Hungary1
Peru1
Slovenia1
Switzerland1

Mal/Packer [Sophos] is known to be created as:
%AppData%\iloader.exe
%AppData%\timerlocksetup.exe
%CommonDesktopDir%\auto.exe
%CommonDesktopDir%\idm.patch.exe
%CommonPrograms%\startup\70cuse.lnk.exe
%CommonPrograms%\startup\avg.exe
%CommonPrograms%\startup\gbplugin.exe
%CommonPrograms%\startup\livemessenger.scr
%CommonPrograms%\startup\msn.exe
%CommonPrograms%\startup\startup.exe
%CommonPrograms%\startup\sys_aupdate.exe
%CommonPrograms%\startup\syst.exe
%CommonPrograms%\startup\windows32.exe
%DesktopDir%\keymaker.exe
%FontsDir%\b4b147bc522828731f1a016bfa72c073\system\svchost.exe
%FontsDir%\svhost.exe
%FontsDir%\udwht.exe
%FontsDir%\unwise_.exe
%FontsDir%\xrtci.exe
%Profiles%\2f.tmp_bak.exe
%Profiles%\default user\start menu\programs\startup\sexy.exe
%Profiles%\mscrss.exe
%ProgramFiles%\_twunk_64.exe
%ProgramFiles%\5.exe
%ProgramFiles%\aggress\doorway generator\aggressdoorgen.exe
%ProgramFiles%\aore-unpacktools\about.exe
%ProgramFiles%\bifrost\q.exe
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\clzxabxpmdh\fuy0gh6d.exe
%ProgramFiles%\common files\efbaf.exe
%ProgramFiles%\common files\system.exe
%ProgramFiles%\common files\system\qqtc32.exe
%ProgramFiles%\common files\system\she.dll
%ProgramFiles%\common files\system\vbtoedl.exe
%ProgramFiles%\coolpigcinema\kzplay.exe
%ProgramFiles%\coolpigcinema\news.exe
%ProgramFiles%\coolpigcinema\tops.exe
%ProgramFiles%\counter\htmlpeek.dll
%ProgramFiles%\d93310q\gdabn.exe
%ProgramFiles%\desktop lock\keygen.exe
%ProgramFiles%\game accelerator\gamexl.exe
%ProgramFiles%\game accelerator\web.exe
%ProgramFiles%\gameos\web.exe
%ProgramFiles%\hotbounce\ifufi2\ifufi2.exe
%ProgramFiles%\idigital technologies\key serv 2.0\srvcks.exe
%ProgramFiles%\iemailer - email marketing\uninstall.exe
%ProgramFiles%\internet download manager\idm.patch.exe
%ProgramFiles%\internet download manager\idman.exe
%ProgramFiles%\internet explorer\connection wizard\audwf.exe
%ProgramFiles%\internet explorer\inter_1.exe
%ProgramFiles%\internet explorer\keygen.exe
%ProgramFiles%\internet explorer\piplayer.exe
%ProgramFiles%\internet explorer\setupapi.dll
%ProgramFiles%\internet explorer\syssmss.exe
%ProgramFiles%\internet explorer\winrar_all_version.exe
%ProgramFiles%\kari\win32ip.exe
%ProgramFiles%\killsh\hd.exe
%ProgramFiles%\kjhkjhjk\hd.exe
%ProgramFiles%\meex.exe
%ProgramFiles%\messenger\smss.exe
%ProgramFiles%\myportal\speed-x\speedx.exe
%ProgramFiles%\navilog1\gnc.exe
%ProgramFiles%\netlog version 2.0\logview.exe
%ProgramFiles%\netlog version 2.0\netlog.exe
%ProgramFiles%\nvsvcm.exe
%ProgramFiles%\outlook express\keygen.exe
%ProgramFiles%\outlook express\system.exe
%ProgramFiles%\qqzhushou\qqzhushou.exe
%ProgramFiles%\rss team\rs_accounts_seeker.exe
%ProgramFiles%\rss team\rsdwn.dll
%ProgramFiles%\rss team\sqlite3.dll
%ProgramFiles%\sd updater\uninstall.exe
%ProgramFiles%\ssc service utility\s2csplash.dll
%ProgramFiles%\svchost.exe
%ProgramFiles%\vopt8\vopt.exe
%ProgramFiles%\windows media player\kguwc.exe
%ProgramFiles%\windows nt\services.exe
%ProgramFiles%\windowsupdate\bugreport.exe
%ProgramFiles%\winrar\activation.exe
%ProgramFiles%\winrar\original_files_and_patch\keygen.exe
%ProgramFiles%\winrar\winrde.exe
%ProgramFiles%\wolfbox\uninstall.exe
%ProgramFiles%\zero freezer 1.5\data_file.exe
%Programs%\startup\360wdupdate.exe
%System%\1.exe
%System%\1025\1025.exe
%System%\1028\1028.exe
%System%\1031\1031.exe
%System%\1033\1033.exe
%System%\1037\1037.exe
%System%\1041\1041.exe
%System%\1042\1042.exe
%System%\1054\1054.exe
%System%\111.exe
%System%\2052\2052.exe
%System%\3076\3076.exe
%System%\33f5c.dll
%System%\360mo.dll
%System%\360wdupdate.exe
%System%\3com_dmi\3com_dmi.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).